nerdexam
ExamsCAS-001Questions#468
CompTIA

CAS-001 · Question #468

CAS-001 Question #468: Real Exam Question with Answer & Explanation

The correct answer is C: Solaris. The combination of open ports is a classic fingerprint for Solaris or older UNIX systems. TCP/111 is the portmapper/rpcbind service, TCP/2049 is NFS (Network File System), and TCP/32778 is a high-numbered RPC service registered with portmapper - all hallmarks of Solaris's heavy r

Question

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string: user@hostname:~$ sudo nmap -O 192.168.1.54 Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device: TCP/22 TCP/111 TCP/512-514 TCP/2049 TCP/32778 Based on this information, which of the following operating systems is MOST likely running on the unknown node?

Options

  • ALinux
  • BWindows
  • CSolaris
  • DOSX

Explanation

The combination of open ports is a classic fingerprint for Solaris or older UNIX systems. TCP/111 is the portmapper/rpcbind service, TCP/2049 is NFS (Network File System), and TCP/32778 is a high-numbered RPC service registered with portmapper - all hallmarks of Solaris's heavy reliance on Sun RPC and NFS. TCP/512-514 are the Berkeley r-commands (rexec, rlogin, rsh), which were common in traditional UNIX environments and are strongly associated with Solaris. Linux would typically not expose r-commands by default in modern configurations. Windows does not natively use these services. macOS (OSX) does support some of these but the full combination - especially the r-commands alongside RPC/NFS - strongly points to Solaris.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-001 Practice