nerdexam
EC-Council

312-50V9 · Question #32

Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?

The correct answer is C. NMAP scripting engine. NMAP uses its built-in scripting engine (NSE) to extend its capabilities beyond port scanning to basic vulnerability detection across protocols like SMB, HTTP, and FTP.

Vulnerability Analysis

Question

Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?

Options

  • AMetasploit scripting engine
  • BNessus scripting engine
  • CNMAP scripting engine
  • DSAINT scripting engine

How the community answered

(51 responses)
  • A
    6% (3)
  • B
    2% (1)
  • C
    88% (45)
  • D
    4% (2)

Why each option

NMAP uses its built-in scripting engine (NSE) to extend its capabilities beyond port scanning to basic vulnerability detection across protocols like SMB, HTTP, and FTP.

AMetasploit scripting engine

Metasploit has its own scripting engine used for exploitation, not for extending NMAP scan capabilities.

BNessus scripting engine

The Nessus scripting engine (NASL) belongs to the Nessus vulnerability scanner and is not used to extend NMAP functionality.

CNMAP scripting engineCorrect

The NMAP Scripting Engine (NSE) allows users to write and execute scripts that automate a wide range of networking tasks including vulnerability detection across multiple service vectors such as SMB, HTTP, and FTP, making it a flexible lightweight vulnerability scanner without requiring external tools.

DSAINT scripting engine

SAINT has its own scanning framework and scripting engine independent of NMAP.

Concept tested: NMAP Scripting Engine for vulnerability scanning

Source: https://nmap.org/book/nse.html

Topics

#NMAP scripting engine#NSE#vulnerability scanning#SMB HTTP FTP

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice