nerdexam
ExamsCAS-003Questions#848
CompTIA

CAS-003 · Question #848

CAS-003 Question #848: Real Exam Question with Answer & Explanation

The correct answer is A: An Nmap script to scan for unsafe servers on UDP 445. The Nmap script output targets UDP port 445, which deviates from standard SMB operation on TCP 445, indicating it is designed to identify unsafe or misconfigured server exposures on that port.

Question

A security analyst is responsible for the completion of a vulnerability assessment at a regional healthcare facility. The analyst reviews the following Nmap output: Which of the following is MOST likely what the security analyst is reviewing?

Options

  • AAn Nmap script to scan for unsafe servers on UDP 445
  • BAn Nmap script to run the SMB servers
  • CAn Nmap script to stop the SMB servers
  • DAn Nmap script to scan for vulnerable SMB servers

Explanation

The Nmap script output targets UDP port 445, which deviates from standard SMB operation on TCP 445, indicating it is designed to identify unsafe or misconfigured server exposures on that port.

Common mistakes.

  • B. Running SMB servers would require issuing administrative start commands on target hosts; an Nmap script only sends network probes and analyzes the responses it receives.
  • C. Stopping services requires elevated administrative access and control-plane commands on the remote system, which is not a function of Nmap network scanning scripts.
  • D. Scanning for vulnerable SMB servers typically targets TCP 445 using exploit-reference scripts such as those checking for EternalBlue or MS17-010, not UDP 445 which indicates unsafe configuration detection rather than exploit confirmation.

Concept tested. Nmap scripting for non-standard port and unsafe service detection

Reference. https://nmap.org/book/nse.html

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-003 Practice