312-50V10 · Question #114
You are doing an internal security audit and intend to find out what ports are open on all the servers. What is the best way to find out?
The correct answer is A. Scan servers with Nmap. Nmap is the industry-standard tool for port scanning and network discovery, making it the most efficient and effective choice for auditing open ports across multiple servers.
Question
You are doing an internal security audit and intend to find out what ports are open on all the servers. What is the best way to find out?
Options
- AScan servers with Nmap
- BScan servers with MBSA
- CTelnet to every port on each server
- DPhysically go to each server
How the community answered
(40 responses)- A88% (35)
- B3% (1)
- C8% (3)
- D3% (1)
Why each option
Nmap is the industry-standard tool for port scanning and network discovery, making it the most efficient and effective choice for auditing open ports across multiple servers.
Nmap (Network Mapper) is purpose-built for port scanning and can scan entire subnets or server ranges simultaneously, reporting open, closed, and filtered ports with service version details. It is the most efficient and accurate method for an internal security audit of this nature.
MBSA (Microsoft Baseline Security Analyzer) checks for security misconfigurations and missing patches on Windows systems - it is not a dedicated port scanner and does not provide comprehensive open port enumeration.
Telneting to every port manually is extremely time-consuming, impractical at scale, and only works on ports that respond to text-based protocols.
Physically visiting each server provides no automated insight into open network ports and is entirely impractical for auditing server network exposure.
Concept tested: Network port scanning tool selection
Source: https://nmap.org/book/man.html
Topics
Community Discussion
No community discussion yet for this question.