312-50V9 · Question #524
Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135 to 139. What protoco
The correct answer is D. SMB. Ports 135-139 are reserved for NetBIOS and SMB services on Windows systems, making SMB the protocol most likely listening in that range.
Question
Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135 to 139. What protocol is most likely to be listening on those ports?
Options
- AFinger
- BFTP
- CSamba
- DSMB
How the community answered
(52 responses)- A4% (2)
- C2% (1)
- D94% (49)
Why each option
Ports 135-139 are reserved for NetBIOS and SMB services on Windows systems, making SMB the protocol most likely listening in that range.
Finger protocol operates on port 79 and is used to retrieve user information on Unix systems, not in the 135-139 range.
FTP uses ports 20 (data transfer) and 21 (control), which are entirely outside the 135-139 range.
Samba is the open-source Linux/Unix implementation of the SMB protocol, not a separate protocol; the protocol itself is SMB, making D the more precise and correct answer.
The port range 135-139 is associated with Microsoft networking services: port 135 (RPC endpoint mapper), port 137 (NetBIOS Name Service), port 138 (NetBIOS Datagram Service), and port 139 (NetBIOS Session Service used by SMB). SMB (Server Message Block) is the application-layer protocol that enables Windows file sharing, printer sharing, and inter-process communication, and it historically operated over port 139 before migrating to port 445.
Concept tested: Windows NetBIOS and SMB port range identification
Source: https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule
Topics
Community Discussion
No community discussion yet for this question.