XK0-004 · Question #297
A Linux administrator is checking connectivity between two servers in separate subnets: Server A: 10.1.2.20 (source) Server B: 10.2.1.10 (destination on port 8080) The administrator tried to run the c
The correct answer is D. nmap -v -p 8080 10.2.1.10. The administrator needs a command on Server B that actively tests port 8080 availability; nmap can scan Server B's own address to verify port state and test connectivity.
Question
A Linux administrator is checking connectivity between two servers in separate subnets:
Server A: 10.1.2.20 (source) Server B: 10.2.1.10 (destination on port 8080) The administrator tried to run the curl 10.2.1.10:8080 command on server A and received the following output:
curl: (7) Failed to connect to 10.2.1.10 port 8080: Connection refused. The administrator checked on server B and confirmed nothing is listening on port 8080. Which of the following commands, when run on server B, would have allowed the administrator to test the connection successfully?
Options
- Atcpdump 'tcp port 8080'
- Bss -l -p dport=8080 dst 10.2.1.10
- Cnc -l -p 8080 10.2.1.10
- Dnmap -v -p 8080 10.2.1.10
How the community answered
(36 responses)- A11% (4)
- B6% (2)
- C22% (8)
- D61% (22)
Why each option
The administrator needs a command on Server B that actively tests port 8080 availability; nmap can scan Server B's own address to verify port state and test connectivity.
tcpdump 'tcp port 8080' passively captures packets on port 8080 but does not initiate any connection test or create a listener, so curl from Server A would still be refused.
ss -l -p dport=8080 dst 10.2.1.10 is syntactically invalid for ss and is a socket statistics display command, not a tool for creating a listener or testing a connection.
nc -l -p 8080 10.2.1.10 uses incorrect netcat syntax - pairing -l with a destination IP in this form does not correctly bind a listener to port 8080 on Server B's interface.
nmap -v -p 8080 10.2.1.10 performs a verbose port scan against Server B's own IP, actively probing whether port 8080 is open, closed, or filtered from the server's perspective. This gives the administrator a direct connection test result from Server B itself, confirming the port state and any firewall behavior. Running nmap against the local interface is a standard method to verify port accessibility and simulate the connection test.
Concept tested: Port scanning and server-side connectivity testing with nmap
Source: https://nmap.org/book/man.html
Topics
Community Discussion
No community discussion yet for this question.