New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

The SecOps Group CNSP Exam - Topic 1 Question 12 Discussion

Actual exam question for The SecOps Group's CNSP exam
Question #: 12
Topic #: 1
[All CNSP Questions]

If you find the 111/TCP port open on a Unix system, what is the next logical step to take?

Show Suggested Answer Hide Answer
Suggested Answer: A

Port 111/TCP is the default port for the RPC (Remote Procedure Call) portmapper service on Unix systems, which registers and manages RPC services.

Why A is correct: Running rpcinfo -p <hostname> queries the portmapper to list all registered RPC services, their programs, versions, and associated ports. This is a logical next step during a security audit or penetration test to identify potential vulnerabilities (e.g., NFS or NIS services). CNSP recommends this command for RPC enumeration.

Why other options are incorrect:

B . Telnet to the port to look for a banner: Telnet might connect, but RPC services don't typically provide a human-readable banner, making this less effective than rpcinfo.

C . Telnet to the port, send 'GET / HTTP/1.0' and gather information from the response: Port 111 is not an HTTP service, so an HTTP request is irrelevant and will likely fail.

D . None of the above: Incorrect, as A is a valid and recommended step.


by Vannessa at Jul 31, 2025, 07:35 PM

Limited Time Offer

25%

Off

Get Premium CNSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Sherron
2 months ago
None of the above? Nah, I’d stick with A or B for sure.
upvoted 0 times
...
Desiree
2 months ago
I think B is better, banners can give a lot of info.
upvoted 0 times
...
Rasheeda
3 months ago
Wait, is 111/TCP even supposed to be open? That seems odd.
upvoted 0 times
...
Bernardo
3 months ago
C sounds interesting, but is it really the best option?
upvoted 0 times
...
Mona
3 months ago
Definitely go with A, rpcinfo is super useful!
upvoted 0 times
...
Yuonne
3 months ago
Honestly, I'm leaning towards option A, but I also remember something about checking for banners. It's tough to decide without more context!
upvoted 0 times
...
Rikki
4 months ago
I practiced a question like this where we had to gather information from a web server response. Sending 'GET / HTTP/1.0' might be relevant, but I can't recall if it's the right context for port 111.
upvoted 0 times
...
Hildegarde
4 months ago
I feel like telnetting to the port could give us some useful info, especially if there's a banner. That seems like a safe bet.
upvoted 0 times
...
Kris
4 months ago
I think I remember that running 'rpcinfo -p' is a common step when dealing with RPC services, but I'm not entirely sure if it's the best first move here.
upvoted 0 times
...
Hubert
4 months ago
Hmm, I'm not sure about this one. I'll have to think it through a bit more. Maybe I'll just mark 'None of the above' for now and come back to it later.
upvoted 0 times
...
Marquetta
4 months ago
Interesting, I haven't seen that port number before. I think I'd try option C and send a GET request to see if I can gather any useful information from the response.
upvoted 0 times
...
Shanda
4 months ago
Okay, this one seems straightforward. I'd go with option B and just telnet to the port to check the banner and see what's running on that port.
upvoted 0 times
...
Amalia
5 months ago
Hmm, the 111/TCP port is often associated with RPC services, so I'd probably go with option A and run 'rpcinfo -p' to see what's running.
upvoted 0 times
...
Mertie
6 months ago
Nah, I'm going with C. Gotta get that juicy banner information, you know? Who needs RPC when you can just brute-force your way in?
upvoted 0 times
Elli
5 months ago
User 1: I think I'll go with A, enumerating RPC services seems like a good idea.
upvoted 0 times
...
...
Thersa
6 months ago
Hmm, telnet to the port and send a GET request? That's so old-school, I'm going with option A - gotta love those RPC services!
upvoted 0 times
Erick
5 months ago
User1: I agree, option A seems like the way to go.
upvoted 0 times
...
...
Elroy
7 months ago
I think the next logical step is to run 'rpcinfo -p ' to enumerate the RPC services.
upvoted 0 times
...

Save Cancel