Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

CompTIA Exam PT0-003 Topic 4 Question 6 Discussion

Actual exam question for CompTIA's PT0-003 exam
Question #: 6
Topic #: 4
[All PT0-003 Questions]

A penetration tester is conducting reconnaissance on a target network. The tester runs the following Nmap command: nmap -sv -sT -p - 192.168.1.0/24. Which of the following describes the most likely purpose of this scan?

Show Suggested Answer Hide Answer
Suggested Answer: C

The Nmap command nmap -sv -sT -p- 192.168.1.0/24 is designed to discover services on a network. Here is a breakdown of the command and its purpose:

Command Breakdown:

nmap: The network scanning tool.

-sV: Enables service version detection. This option tells Nmap to determine the version of the services running on open ports.

-sT: Performs a TCP connect scan. This is a more reliable method of scanning as it completes the TCP handshake but can be easily detected by firewalls and intrusion detection systems.

-p-: Scans all 65535 ports. This ensures a comprehensive scan of all possible TCP ports.

192.168.1.0/24: Specifies the target network range (subnet) to be scanned.

Purpose of the Scan:

Service Discovery (Answer: C): The primary purpose of this scan is to discover


Service discovery is a common task in penetration testing to map out the network services and versions, as seen in various Hack The Box (HTB) write-ups where comprehensive service enumeration is performed before further actions.

Conclusion: The nmap -sv -sT -p- 192.168.1.0/24 command is most likely used for service discovery, as it aims to identify all running services and their versions on the target subnet.

Contribute your Thoughts:

Vivienne
3 months ago
I think it's for attack path mapping, to understand the potential ways to breach the network.
upvoted 0 times
...
Janine
3 months ago
I believe it could also be for OS fingerprinting, to identify the operating system of the target.
upvoted 0 times
...
Benton
3 months ago
I agree with Giuseppe, the Nmap command is likely used for service discovery.
upvoted 0 times
...
Giuseppe
3 months ago
I think the purpose of this scan is service discovery.
upvoted 0 times
...
Kenneth
4 months ago
I agree with Raymon. Service discovery is the name of the game here. Gotta know what you're dealing with before you can start exploiting anything.
upvoted 0 times
...
Katie
4 months ago
Haha, user enumeration? Really? This is a basic network scan, not a targeted attack. These answer choices are kind of silly.
upvoted 0 times
Thora
4 months ago
C) Service discovery
upvoted 0 times
...
Jodi
4 months ago
A) OS fingerprinting
upvoted 0 times
...
...
Raymon
4 months ago
The correct answer is C. Service discovery. This scan is just trying to figure out what services are running on the network, not do any kind of enumeration or fingerprinting.
upvoted 0 times
...
Ahmed
4 months ago
Hmm, I'm not so sure. The -sT TCP connect scan seems more like an attack path mapping technique to me. Gotta find those juicy attack vectors!
upvoted 0 times
...
Tamesha
4 months ago
I think the purpose is definitely service discovery. Nmap's -sv option does a version scan to identify the running services on the target network.
upvoted 0 times
Malcom
3 months ago
I believe it could be for attack path mapping.
upvoted 0 times
...
Junita
3 months ago
I think it might also be for OS fingerprinting.
upvoted 0 times
...
Mirta
4 months ago
I agree, the purpose of the scan is service discovery.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77