Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

CompTIA Exam CS0-003 Topic 2 Question 27 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 27
Topic #: 2
[All CS0-003 Questions]

An analyst investigated a website and produced the following:

Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-21 10:21 CDT

Nmap scan report for insecure.org (45.33.49.119)

Host is up (0.054s latency).

rDNS record for 45.33.49.119: ack.nmap.org

Not shown: 95 filtered tcp ports (no-response)

PORT STATE SERVICE VERSION

22/tcp open ssh OpenSSH 7.4 (protocol 2.0)

25/tcp closed smtp

80/tcp open http Apache httpd 2.4.6

113/tcp closed ident

443/tcp open ssl/http Apache httpd 2.4.6

Service Info: Host: issues.nmap.org

Service detection performed. Please report any incorrect results at https://nmap .org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 20.52 seconds

Which of the following syntaxes did the analyst use to discover the application versions on this vulnerable website?

Show Suggested Answer Hide Answer
Suggested Answer: C

Contribute your Thoughts:

Kenny
2 months ago
Haha, 'issues.nmap.org' - I wonder what kind of issues they're dealing with over there. Hopefully not too many security problems!
upvoted 0 times
...
Iraida
2 months ago
I'm a bit surprised the analyst didn't use the more comprehensive -A option to get even more information. But -sV is the right call for just version discovery.
upvoted 0 times
Rhea
1 months ago
The analyst probably chose -sV to specifically target version discovery.
upvoted 0 times
...
Marica
1 months ago
Using -sV is more focused on discovering application versions.
upvoted 0 times
...
Jeanice
1 months ago
I agree, but -sV is the right choice for just version discovery.
upvoted 0 times
...
Latanya
2 months ago
It's all about choosing the right tool for the job. -sV was the right choice in this case.
upvoted 0 times
...
Valentin
2 months ago
Yeah, -A would have provided more information, but -sV is more specific for application versions.
upvoted 0 times
...
Maybelle
2 months ago
I think the analyst should have used the -A option for more information.
upvoted 0 times
...
My
2 months ago
I think the analyst chose -sV to just focus on version discovery.
upvoted 0 times
...
...
Adria
3 months ago
Yep, I agree with Buck. The -sV option is definitely the way to go for version detection. Good catch!
upvoted 0 times
Xochitl
2 months ago
D) nmap -A insecure.org
upvoted 0 times
...
Stevie
2 months ago
C) nmap -sV -T4 -F insecure.org
upvoted 0 times
...
Jettie
2 months ago
B) nmap -0 insecure.org
upvoted 0 times
...
Noe
2 months ago
A) nmap -sS -T4 -F insecure.org
upvoted 0 times
...
...
Cruz
3 months ago
I'm not sure, but I think option D) nmap -A insecure.org could also be a possibility to discover application versions.
upvoted 0 times
...
Bobbye
3 months ago
I agree with Crista, option C) makes sense because it includes version detection.
upvoted 0 times
...
Buck
3 months ago
The use of the -sV flag to discover application versions is a clear giveaway here. C is the correct answer.
upvoted 0 times
Fatima
2 months ago
That makes sense, the -sV flag is specifically used for version detection.
upvoted 0 times
...
Fatima
3 months ago
C) nmap -sV -T4 -F insecure.org
upvoted 0 times
...
...
Crista
3 months ago
I think the analyst used option C) nmap -sV -T4 -F insecure.org to discover the application versions.
upvoted 0 times
...

Save Cancel