The SecOps Group Exam CNSP Topic 12 Question 4 Discussion

Actual exam question for The SecOps Group's CNSP exam

Question #: 4
Topic #: 12

[All CNSP Questions]

If you find the 111/TCP port open on a Unix system, what is the next logical step to take?

ARun 'rpcinfo -p <hostname>' to enumerate the RPC services.

BTelnet to the port to look for a banner.

CTelnet to the port, send 'GET / HTTP/1.0' and gather information from the response.

DNone of the above.

Show Suggested Answer

Suggested Answer: A

Port 111/TCP is the default port for the RPC (Remote Procedure Call) portmapper service on Unix systems, which registers and manages RPC services.

Why A is correct: Running rpcinfo -p <hostname> queries the portmapper to list all registered RPC services, their programs, versions, and associated ports. This is a logical next step during a security audit or penetration test to identify potential vulnerabilities (e.g., NFS or NIS services). CNSP recommends this command for RPC enumeration.

Why other options are incorrect:

B . Telnet to the port to look for a banner: Telnet might connect, but RPC services don't typically provide a human-readable banner, making this less effective than rpcinfo.

C . Telnet to the port, send 'GET / HTTP/1.0' and gather information from the response: Port 111 is not an HTTP service, so an HTTP request is irrelevant and will likely fail.

D . None of the above: Incorrect, as A is a valid and recommended step.

by Claribel at Mar 23, 2025, 01:25 PM

Limited Time Offer

25%

Off

Get Premium CNSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Bernadine

2 months ago

Wait, 111/TCP? That's the port for the Remote Procedure Call (RPC) service. I'm definitely going with A. Gotta love that RPC enumeration!

upvoted 0 times

Ressie

3 days ago

Definitely, it's a crucial step in assessing the security of the Unix system.

upvoted 0 times

...

Felicitas

4 days ago

I think that's a good idea. It's important to gather information about the RPC services.

upvoted 0 times

...

Noemi

30 days ago

User 2: Definitely, that's the best way to enumerate RPC services on Unix systems.

upvoted 0 times

...

Latanya

1 months ago

User 1: I agree, running 'rpcinfo -p ' is the way to go.

upvoted 0 times

...

Reiko

1 months ago

I agree, RPC enumeration is the way to go. Let's run 'rpcinfo -p '

upvoted 0 times

...

Arlette

2 months ago

Hmm, this one's tricky. I'll go with C. Might as well try to get some web server details while we're at it.

upvoted 0 times

...

Cherelle

2 months ago

D, really? None of the above? That's too easy. I'm going with A. Enumerating the RPC services could uncover some juicy information.

upvoted 0 times

...

Refugia

2 months ago

C looks good to me. Sending a GET request to the port could reveal useful information about the web server running on the system.

upvoted 0 times

...

Virgie

2 months ago

I think both options are valid, but I would go with telnet to the port and send 'GET / HTTP/1.0' to gather information from the response.

upvoted 0 times

...

Mitzie

2 months ago

I think the answer is B. Telnet to the port to look for a banner. This is a classic way to gather information about the service running on the port.

upvoted 0 times

Alonso

1 months ago

User3: I agree, it's a classic way to identify the service running on the port.

upvoted 0 times

...

Alex

1 months ago

User2: That's a good point. It's a common method to gather information about the service.

upvoted 0 times

...

Alison

1 months ago

User1: I think the answer is B. Telnet to the port to look for a banner.

upvoted 0 times

...

Jean

2 months ago

But running 'rpcinfo -p ' can help us identify the services running on that port.

upvoted 0 times

...

Inocencia

2 months ago

I disagree, I believe we should telnet to the port to look for a banner.

upvoted 0 times

...

Jean

2 months ago

I think the next logical step is to run 'rpcinfo -p ' to enumerate the RPC services.

upvoted 0 times

...