GCIH · Question #562
An analyst discovers an undocumented host showing up in some IDS alerts with IP address 10.0.1.123. A port scan indicates listening services on the host. What step can the analyst take next to attempt
The correct answer is D. nmap -A. Nmap has a powerful option called -A. This option enables OS detection, version detection, script scanning, and traceroute. It gives you far more information than a simple syn or TCP connect Netstat -nap will show local ports, PID, and program name on a Linux/Unix host. Sc query
Question
An analyst discovers an undocumented host showing up in some IDS alerts with IP address 10.0.1.123. A port scan indicates listening services on the host. What step can the analyst take next to attempt OS detection and the version of the unknown services?
Options
- Asc query
- Bnet view
- Cnetstat -nap
- Dnmap -A
How the community answered
(26 responses)- A4% (1)
- C8% (2)
- D88% (23)
Explanation
Nmap has a powerful option called -A. This option enables OS detection, version detection, script scanning, and traceroute. It gives you far more information than a simple syn or TCP connect Netstat -nap will show local ports, PID, and program name on a Linux/Unix host. Sc query will list local services on a Windows host. Net view will get a list of shares from a Windows host.
Topics
Community Discussion
No community discussion yet for this question.