312-50V10 · Question #30
Which is the first step followed by Vulnerability Scanners for scanning a network?
The correct answer is D. Checking if the remote host is alive. Vulnerability scanners must first verify a host is reachable before attempting any deeper probing. Scanning a dead host wastes resources and produces no useful results.
Question
Which is the first step followed by Vulnerability Scanners for scanning a network?
Options
- ATCP/UDP Port scanning
- BFirewall detection
- COS Detection
- DChecking if the remote host is alive
How the community answered
(53 responses)- A2% (1)
- B4% (2)
- D94% (50)
Why each option
Vulnerability scanners must first verify a host is reachable before attempting any deeper probing. Scanning a dead host wastes resources and produces no useful results.
TCP/UDP port scanning occurs after host discovery, not as the first step, because scanning ports on an unconfirmed host is inefficient.
Firewall detection is a later-stage technique performed after the host is known to be alive and initial port data is gathered.
OS detection relies on responses from open or closed ports and therefore cannot occur before the host is confirmed alive and ports are identified.
Before a vulnerability scanner can perform any meaningful enumeration, it must confirm the target host is alive, typically via ICMP echo requests or TCP/UDP probes. Only after a live host is confirmed does the scanner proceed to port scanning, OS detection, and service enumeration. Skipping this step would cause the scanner to waste cycles probing unreachable addresses.
Concept tested: Vulnerability scanner host discovery sequence
Source: https://nmap.org/book/man-host-discovery.html
Topics
Community Discussion
No community discussion yet for this question.