312-50V9 · Question #32
Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?
The correct answer is C. NMAP scripting engine. NMAP uses its built-in scripting engine (NSE) to extend its capabilities beyond port scanning to basic vulnerability detection across protocols like SMB, HTTP, and FTP.
Question
Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?
Options
- AMetasploit scripting engine
- BNessus scripting engine
- CNMAP scripting engine
- DSAINT scripting engine
How the community answered
(51 responses)- A6% (3)
- B2% (1)
- C88% (45)
- D4% (2)
Why each option
NMAP uses its built-in scripting engine (NSE) to extend its capabilities beyond port scanning to basic vulnerability detection across protocols like SMB, HTTP, and FTP.
Metasploit has its own scripting engine used for exploitation, not for extending NMAP scan capabilities.
The Nessus scripting engine (NASL) belongs to the Nessus vulnerability scanner and is not used to extend NMAP functionality.
The NMAP Scripting Engine (NSE) allows users to write and execute scripts that automate a wide range of networking tasks including vulnerability detection across multiple service vectors such as SMB, HTTP, and FTP, making it a flexible lightweight vulnerability scanner without requiring external tools.
SAINT has its own scanning framework and scripting engine independent of NMAP.
Concept tested: NMAP Scripting Engine for vulnerability scanning
Source: https://nmap.org/book/nse.html
Topics
Community Discussion
No community discussion yet for this question.