An analyst wants to use a command line tool to identify open ports and running services on a host along with the application that is associated with those services and port. Which of the following should the analyst use?
A. Wireshark
B. Qualys
C. netstat
D. nmap
E. ping
CS0-002: CompTIA CySA+ ExamFULL Printable PDF and Software. VALID exam to help you PASS. |
 |
I have changed my answer to netstat.
Here is a more precise comment:
nmap ==> remotely and locally
netstat ==> locally only
Since the question doesn’t specify local or remote, the BEST answer is nmap.
nmap x.x.x.x
See what that returns.
It will give you open ports on a host, tell you if they’re open, and what service is running on that single host (x.x.x.x).
Using netstat won’t give you the “service” or application. It will give you a PID which you would have to look up using a
2nd tool such as “Resource Monitor” or “Task Manager” to figure out what that Process ID (PID) is linked to.
So, unless someone has a better explanation, I’m sticking w/ nmap as my answer.
For localhos it’s netstat; for remote devices – nmap
Answer is netstat
Netstat
Absolutely sure: nmap