CISSP · Question #1352
CISSP Question #1352: Real Exam Question with Answer & Explanation
The correct answer is D: Use nmap and set the servers' public IPs as the targets.. Nmap is a tool that can perform network scanning and enumeration, as well as vulnerability detection and exploitation. It can be used to identify which protocols and weaknesses are being exposed to attackers on the Internet by scanning the servers' public IP addresses and analyzi
Question
To comply with industry requirements, a security assessment on the cloud server should identify which protocols and weaknesses are being exposed to attackers on the Internet. Which of the following tools is the MOST appropriate to complete the assessment?
Options
- AUse tcpdump and parse the output file in a protocol analyzer.
- BUse an IP scanner and target the cloud WAN network addressing
- CRun netstat in each cloud server and retrieve the running processes.
- DUse nmap and set the servers' public IPs as the targets.
Explanation
Nmap is a tool that can perform network scanning and enumeration, as well as vulnerability detection and exploitation. It can be used to identify which protocols and weaknesses are being exposed to attackers on the Internet by scanning the servers' public IP addresses and analyzing the open ports, services, and configurations. Nmap can also provide information about the operating system, version, and patch level of the servers, as well as the potential vulnerabilities and exploits that can be used against them. Nmap is the most appropriate tool to complete the security assessment on the cloud server, as it can provide a comprehensive and accurate view of the network exposure and risk.
Topics
Community Discussion
No community discussion yet for this question.