GCIH Question #562: Real Exam Question with Answer & Explanation

The correct answer is D: nmap -A. Nmap has a powerful option called -A. This option enables OS detection, version detection, script scanning, and traceroute. It gives you far more information than a simple syn or TCP connect Netstat -nap will show local ports, PID, and program name on a Linux/Unix host. Sc query

Reconnaissance, Scanning, and Enumeration

Question

An analyst discovers an undocumented host showing up in some IDS alerts with IP address 10.0.1.123. A port scan indicates listening services on the host. What step can the analyst take next to attempt OS detection and the version of the unknown services?

Options

Asc query
Bnet view
Cnetstat -nap
Dnmap -A

Explanation

Nmap has a powerful option called -A. This option enables OS detection, version detection, script scanning, and traceroute. It gives you far more information than a simple syn or TCP connect Netstat -nap will show local ports, PID, and program name on a Linux/Unix host. Sc query will list local services on a Windows host. Net view will get a list of shares from a Windows host.

Topics

#nmap#OS detection#service enumeration#port scanning

Community Discussion

No community discussion yet for this question.

Full GCIH Practice