[Information Gathering and Vulnerability Scanning]
A penetration tester observes the following output from an Nmap command while attempting to troubleshoot connectivity to a Linux server:
Starting Nmap 7.91 ( https://nmap.org ) at 2024-01-10 12:00 UTC
Nmap scan report for example.com (192.168.1.10)
Host is up (0.001s latency).
Not shown: 9999 closed ports
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
135/tcp open msrpc
139/tcp open netbios-ssn
443/tcp open https
2222/tcp open ssh
444/tcp open microsoft-ds
Nmap done: 1 IP address (1 host up) scanned in 0.23 seconds
Which of the following is the most likely reason for the connectivity issue?
The key detail in the Nmap scan output is that port 2222/tcp is open and running the SSH service. The standard SSH port is 22, so if the tester was attempting to connect on port 22, they would not succeed because SSH is instead listening on port 2222.
This is a common security hardening tactic: moving services to non-standard ports to reduce automated attacks.
There is no indication that the service is blocked (B), requires certificates (C), or is inactive (D), because Nmap clearly shows the service as open and identified.
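The same reading of the output can be automated. The sketch below is an added example, not part of the original question or of Nmap itself: it parses the port table from the scan above and reports every open service whose port differs from its usual default. The names DEFAULT_PORTS, parse_ports and nonstandard_services are hypothetical helpers, and the default-port table is an assumed subset covering only the services in this scan.

```python
import re

# Assumed subset of well-known default ports, limited to services in this scan.
DEFAULT_PORTS = {
    "ftp": 21, "ssh": 22, "http": 80, "msrpc": 135,
    "netbios-ssn": 139, "https": 443, "microsoft-ds": 445,
}

PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")

# Scan output copied verbatim from the question above.
SCAN = """\
Starting Nmap 7.91 ( https://nmap.org ) at 2024-01-10 12:00 UTC
Nmap scan report for example.com (192.168.1.10)
Host is up (0.001s latency).
Not shown: 9999 closed ports
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
135/tcp open msrpc
139/tcp open netbios-ssn
443/tcp open https
2222/tcp open ssh
444/tcp open microsoft-ds
Nmap done: 1 IP address (1 host up) scanned in 0.23 seconds
"""

def parse_ports(text):
    """Return (port, proto, state, service) for each port-table line."""
    rows = []
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m:
            rows.append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
    return rows

def nonstandard_services(text):
    """Open services whose listening port differs from the usual default."""
    findings = []
    for port, proto, state, service in parse_ports(text):
        default = DEFAULT_PORTS.get(service)
        if state == "open" and default is not None and port != default:
            findings.append((service, port, default))
    return findings

if __name__ == "__main__":
    for service, port, default in nonstandard_services(SCAN):
        print(f"{service}: listening on {port}, usual port is {default}")
```

Run against this output, the check reports ssh on 2222 (usual port 22) and also microsoft-ds on 444 (usual port 445), since both lines appear that way in the scan as given.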
CompTIA PenTest+ Reference:
PT0-003 Objective 3.3: Analyze tool output or data related to engagement activities.
Nmap usage and interpreting scan results is emphasized in multiple sections.