nerdexam
EC-Council

312-50V11 · Question #429

A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the

The correct answer is A. The host is likely a printer.. The Internet Printing Protocol (IPP) uses port 631. https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Scanning Networks

Question

A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS? Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 80/tcp open http 139/tcp open netbios-ssn 515/tcp open 631/tcp open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:8

Options

  • AThe host is likely a printer.
  • BThe host is likely a Windows machine.
  • CThe host is likely a Linux machine.
  • DThe host is likely a router.

How the community answered

(42 responses)
  • A
    57% (24)
  • B
    12% (5)
  • C
    24% (10)
  • D
    7% (3)

Explanation

The Internet Printing Protocol (IPP) uses port 631. https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Topics

#NMAP#port scanning#device fingerprinting#printer identification

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice