nerdexam
CompTIA

LX0-104 · Question #377

The command 'nmap sS O 10.142.232.10' produces the following output: PORT STATE SERVICE 631/tcp open ipp 3306/tcp open mysql Which of these statements are true? (Select TWO correct answers)

The correct answer is B. The scan was executed by the root user. D. A stealth SYN scan was launched.. The Nmap command nmap -sS -O 10.142.232.10 indicates a stealth SYN scan (-sS) for open ports and an OS detection scan (-O), both of which require root privileges to execute.

Security

Question

The command 'nmap sS O 10.142.232.10' produces the following output: PORT STATE SERVICE 631/tcp open ipp 3306/tcp open mysql Which of these statements are true? (Select TWO correct answers)

Options

  • AA simple scan was launched.
  • BThe scan was executed by the root user.
  • COutput will be sent to a file instead of stdout.
  • DA stealth SYN scan was launched.
  • EThere are no other services running on this machine.

How the community answered

(20 responses)
  • A
    5% (1)
  • B
    85% (17)
  • C
    10% (2)

Why each option

The Nmap command `nmap -sS -O 10.142.232.10` indicates a stealth SYN scan (`-sS`) for open ports and an OS detection scan (`-O`), both of which require root privileges to execute.

AA simple scan was launched.

A 'simple scan' is too vague; the -sS flag specifically denotes a stealth SYN scan, which is a particular and advanced type of port scan.

BThe scan was executed by the root user.Correct

The -sS (SYN scan) option requires Nmap to craft custom raw packets, which necessitates root privileges (or equivalent capabilities) on most Unix-like operating systems for the program to be able to create and send these specialized network packets.

COutput will be sent to a file instead of stdout.

The command provided does not include any output options (like -oN or -oX) that would direct output to a file; by default, Nmap sends its results to standard output.

DA stealth SYN scan was launched.Correct

The -sS flag in Nmap explicitly stands for a 'Stealth SYN scan,' also known as a half-open scan, where Nmap sends SYN packets and processes SYN/ACK responses without completing the full TCP handshake, making it less detectable by firewalls and intrusion detection systems.

EThere are no other services running on this machine.

The output only shows services found on specific ports; Nmap cannot definitively state that there are no other services running on the machine, as other services might be on different ports, filtered, or otherwise undetected by this particular scan.

Concept tested: Nmap scan types (-sS), OS detection (-O), and user privileges

Source: https://nmap.org/book/man-port-scanning-techniques.html

Topics

#Nmap#port scanning#stealth scan#OS detection

Community Discussion

No community discussion yet for this question.

Full LX0-104 Practice