PT0-002 Question #417: Real Exam Question with Answer & Explanation
The correct answer is A: nmap --script=s7-info -p 102 10.88.88.76/24 -T3.
Question
A penetration tester is working to enumerate the PLC devices on the 10.88.88.76/24 network. Which of the following commands should the tester use to achieve the objective in a way that minimizes the risk of affecting the PLCs?
Options
- A. nmap --script=s7-info -p 102 10.88.88.76/24 -T3
- B. nmap --script=wsdd-discover -p 3702 -sU 10.88.88.76/24
- C. nmap --script=iax2-version -p 4569 -sU -V 10.88.88.76/24 -T2
- D. nmap --script=x11-access -p 6000-6009 10.88.88.76/24
Explanation
The s7-info script, selected with --script=s7-info, is specifically designed to interact with Siemens S7 PLCs, which are common industrial control systems. The -p 102 option specifies the port associated with Siemens S7 communications. The -T3 timing option is chosen to minimize the risk of impacting the PLCs by not being overly aggressive in the scan timing, which is important in operational technology environments where PLCs can be sensitive to high network traffic. The other options listed do not specifically target PLC devices or use appropriate timing to minimize