PT0-002 · Question #276
PT0-002 Question #276: Real Exam Question with Answer & Explanation
The correct answer is B: --script "http*vuln*". {"question_number": 6, "question": "Which Nmap option will the penetration tester MOST likely utilize to probe a client's website for vulnerabilities while avoiding detection?", "correct_answer": "B. --script \"httpvuln\"", "explanation": "The Nmap Scripting Engine (NSE) option -
Question
A penetration tester will be performing a vulnerability scan as part of the penetration test on a client's website. The tester plans to run several Nmap scripts that probe for vulnerabilities while avoiding detection. Which of the following Nmap options will the penetration tester MOST likely utilize?
Options
- A-а8 -T0
- B--script "http*vuln*"
- C-sn
- D-O -A
Explanation
{"question_number": 6, "question": "Which Nmap option will the penetration tester MOST likely utilize to probe a client's website for vulnerabilities while avoiding detection?", "correct_answer": "B. --script "httpvuln"", "explanation": "The Nmap Scripting Engine (NSE) option --script allows the tester to run specific script categories. The wildcard pattern "httpvuln" matches all NSE scripts that target HTTP-based vulnerabilities, making it the correct choice for scanning a web server for vulnerabilities. Option A (-T0) is an ultra-slow timing option for stealth but -a8 is not valid Nmap syntax. Option C (-sn) performs only host discovery with no port or vulnerability scanning. Option D (-O -A) performs aggressive OS fingerprinting and service detection, which is noisy and not focused on web vulnerabilities.", "generated_by": "claude-sonnet", "llm_judge_score": 2}
Topics
Community Discussion
No community discussion yet for this question.