Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

The SecOps Group Exam CNSP Topic 12 Question 4 Discussion

Actual exam question for The SecOps Group's CNSP exam
Question #: 4
Topic #: 12
[All CNSP Questions]

If you find the 111/TCP port open on a Unix system, what is the next logical step to take?

Show Suggested Answer Hide Answer
Suggested Answer: A

Port 111/TCP is the default port for the RPC (Remote Procedure Call) portmapper service on Unix systems, which registers and manages RPC services.

Why A is correct: Running rpcinfo -p <hostname> queries the portmapper to list all registered RPC services, their programs, versions, and associated ports. This is a logical next step during a security audit or penetration test to identify potential vulnerabilities (e.g., NFS or NIS services). CNSP recommends this command for RPC enumeration.

Why other options are incorrect:

B . Telnet to the port to look for a banner: Telnet might connect, but RPC services don't typically provide a human-readable banner, making this less effective than rpcinfo.

C . Telnet to the port, send 'GET / HTTP/1.0' and gather information from the response: Port 111 is not an HTTP service, so an HTTP request is irrelevant and will likely fail.

D . None of the above: Incorrect, as A is a valid and recommended step.


by Claribel at Mar 23, 2025, 01:25 PM

Limited Time Offer

25%

Off

Get Premium CNSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Bernadine
6 days ago
Wait, 111/TCP? That's the port for the Remote Procedure Call (RPC) service. I'm definitely going with A. Gotta love that RPC enumeration!
upvoted 0 times
...
Arlette
9 days ago
Hmm, this one's tricky. I'll go with C. Might as well try to get some web server details while we're at it.
upvoted 0 times
...
Cherelle
10 days ago
D, really? None of the above? That's too easy. I'm going with A. Enumerating the RPC services could uncover some juicy information.
upvoted 0 times
...
Refugia
11 days ago
C looks good to me. Sending a GET request to the port could reveal useful information about the web server running on the system.
upvoted 0 times
...
Virgie
12 days ago
I think both options are valid, but I would go with telnet to the port and send 'GET / HTTP/1.0' to gather information from the response.
upvoted 0 times
...
Mitzie
13 days ago
I think the answer is B. Telnet to the port to look for a banner. This is a classic way to gather information about the service running on the port.
upvoted 0 times
...
Jean
19 days ago
But running 'rpcinfo -p ' can help us identify the services running on that port.
upvoted 0 times
...
Inocencia
22 days ago
I disagree, I believe we should telnet to the port to look for a banner.
upvoted 0 times
...
Jean
24 days ago
I think the next logical step is to run 'rpcinfo -p ' to enumerate the RPC services.
upvoted 0 times
...

Save Cancel