Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

The SecOps Group Exam CNSP Topic 12 Question 4 Discussion

Actual exam question for The SecOps Group's CNSP exam
Question #: 4
Topic #: 12
[All CNSP Questions]

If you find the 111/TCP port open on a Unix system, what is the next logical step to take?

Show Suggested Answer Hide Answer
Suggested Answer: A

Port 111/TCP is the default port for the RPC (Remote Procedure Call) portmapper service on Unix systems, which registers and manages RPC services.

Why A is correct: Running rpcinfo -p <hostname> queries the portmapper to list all registered RPC services, their programs, versions, and associated ports. This is a logical next step during a security audit or penetration test to identify potential vulnerabilities (e.g., NFS or NIS services). CNSP recommends this command for RPC enumeration.

Why other options are incorrect:

B . Telnet to the port to look for a banner: Telnet might connect, but RPC services don't typically provide a human-readable banner, making this less effective than rpcinfo.

C . Telnet to the port, send 'GET / HTTP/1.0' and gather information from the response: Port 111 is not an HTTP service, so an HTTP request is irrelevant and will likely fail.

D . None of the above: Incorrect, as A is a valid and recommended step.


by Claribel at Mar 23, 2025, 01:25 PM

Limited Time Offer

25%

Off

Get Premium CNSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Bernadine
3 months ago
Wait, 111/TCP? That's the port for the Remote Procedure Call (RPC) service. I'm definitely going with A. Gotta love that RPC enumeration!
upvoted 0 times
Lashaun
1 months ago
User4: RPC enumeration for the win!
upvoted 0 times
...
Pearlene
1 months ago
User3: I think I'll go with option A too, seems like the logical next step.
upvoted 0 times
...
Marci
1 months ago
User2: Definitely, that's the best way to enumerate RPC services.
upvoted 0 times
...
Carolynn
1 months ago
User1: I agree, running 'rpcinfo -p ' is the way to go.
upvoted 0 times
...
Evelynn
1 months ago
Great, let's see what RPC services we can enumerate on the system.
upvoted 0 times
...
Ressie
2 months ago
Definitely, it's a crucial step in assessing the security of the Unix system.
upvoted 0 times
...
Felicitas
2 months ago
I think that's a good idea. It's important to gather information about the RPC services.
upvoted 0 times
...
Noemi
3 months ago
User 2: Definitely, that's the best way to enumerate RPC services on Unix systems.
upvoted 0 times
...
Latanya
3 months ago
User 1: I agree, running 'rpcinfo -p ' is the way to go.
upvoted 0 times
...
Reiko
3 months ago
I agree, RPC enumeration is the way to go. Let's run 'rpcinfo -p '
upvoted 0 times
...
...
Arlette
3 months ago
Hmm, this one's tricky. I'll go with C. Might as well try to get some web server details while we're at it.
upvoted 0 times
...
Cherelle
3 months ago
D, really? None of the above? That's too easy. I'm going with A. Enumerating the RPC services could uncover some juicy information.
upvoted 0 times
...
Refugia
3 months ago
C looks good to me. Sending a GET request to the port could reveal useful information about the web server running on the system.
upvoted 0 times
...
Virgie
3 months ago
I think both options are valid, but I would go with telnet to the port and send 'GET / HTTP/1.0' to gather information from the response.
upvoted 0 times
...
Mitzie
3 months ago
I think the answer is B. Telnet to the port to look for a banner. This is a classic way to gather information about the service running on the port.
upvoted 0 times
Alonso
3 months ago
User3: I agree, it's a classic way to identify the service running on the port.
upvoted 0 times
...
Alex
3 months ago
User2: That's a good point. It's a common method to gather information about the service.
upvoted 0 times
...
Alison
3 months ago
User1: I think the answer is B. Telnet to the port to look for a banner.
upvoted 0 times
...
...
Jean
4 months ago
But running 'rpcinfo -p ' can help us identify the services running on that port.
upvoted 0 times
...
Inocencia
4 months ago
I disagree, I believe we should telnet to the port to look for a banner.
upvoted 0 times
...
Jean
4 months ago
I think the next logical step is to run 'rpcinfo -p ' to enumerate the RPC services.
upvoted 0 times
...

Save Cancel