312-50V11 · Question #631
Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135 to 139. What protoco
The correct answer is D. SMB. Ports 135-139 are reserved for NetBIOS and SMB services, which are core Windows networking protocols for file and print sharing.
Question
Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135 to 139. What protocol is most likely to be listening on those ports?
Options
- AFinger
- BFTP
- CSamba
- DSMB
How the community answered
(25 responses)- B4% (1)
- C4% (1)
- D92% (23)
Why each option
Ports 135-139 are reserved for NetBIOS and SMB services, which are core Windows networking protocols for file and print sharing.
Finger protocol operates on port 79 and is used to retrieve information about users on a remote system, not file sharing.
FTP uses ports 20 (data transfer) and 21 (control), which are entirely outside the 135-139 range.
Samba is a Linux/Unix software implementation of the SMB protocol, but the underlying protocol itself is SMB, making D the more precise and correct answer.
The port range 135-139 is associated with Microsoft's NetBIOS and SMB (Server Message Block) protocol suite: port 135 for MS RPC endpoint mapping, 137 for NetBIOS Name Service, 138 for NetBIOS Datagram Service, and 139 for NetBIOS Session Service over which SMB operates. These ports are a primary attack surface on Windows networks.
Concept tested: NetBIOS and SMB port range identification
Source: https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/direct-hosting-of-smb-over-tcpip
Topics
Community Discussion
No community discussion yet for this question.