Learn the most effective Nmap command to scan for the most common TCP ports on a target IP address. Our guide explains the best options for efficient port discovery.
Question
A penetration tester wants to identify the most common TCP ports on 10.7.8.69. Which of the following is the best Nmap command for this task?
A. nmap 10.7.8.69 -sS -sA -sV -F
B. nmap 10.7.8.69 -sT -sA -p1-65535
C. nmap 10.7.8.69 -sC -sV -Pn
D. nmap 10.7.8.69 -sX -sU --top-ports
Answer
D. nmap 10.7.8.69 -sX -sU --top-ports
Explanation
The -sX option in Nmap enables a Christmas tree (Xmas) scan, which sends packets with the FIN, URG, and PSH flags set. However, this scan type is not ideal for identifying common TCP ports. The -sU option enables UDP scanning, which is irrelevant for this task.
The --top-ports option is used to scan the most common ports, but without specifying a number, it defaults to scanning the top 1000 ports. This is not the most efficient approach for identifying the most common TCP ports.
Option A uses -sS for TCP SYN scan, -sA for ACK scan, -sV for version detection, and -F to scan the top 100 ports. While this combination can provide useful information, it is not the most efficient for identifying common TCP ports.
Option B uses -sT for TCP connect scan, -sA for ACK scan, and -p1-65535 to scan all ports. Scanning all ports is time-consuming and unnecessary for identifying the most common ones.
Option C uses -sC for default script scan, -sV for version detection, and -Pn to skip host discovery. This combination is useful for a comprehensive scan but not specifically tailored to identify common TCP ports.
Therefore, none of the provided options are the best Nmap command for identifying the most common TCP ports on the target IP address. The most suitable command would be:
nmap 10.7.8.69 -sT --top-ports 20
This command uses -sT for TCP connect scan and --top-ports 20 to scan only the top 20 most common TCP ports, providing an efficient way to identify the most frequently used ports on the target system.
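Nmap ranks ports for --top-ports by the open-frequency column of its nmap-services file. The following added example (not part of the original question or of Nmap itself) parses lines in that layout, selects the top N TCP ports, and reports which listening ports a top-N scan would not cover; the sample data, frequencies and function names are constructed for illustration.

```python
# Added example: rank ports by open frequency, as a "top ports" list is built.
# SAMPLE is constructed data in the nmap-services line layout
# (name, port/protocol, open-frequency, optional # comment); the frequencies
# are illustrative and not copied from a real nmap-services file.
SAMPLE = """\
# constructed sample
http     80/tcp    0.48   # web
telnet   23/tcp    0.22
https    443/tcp   0.21
ftp      21/tcp    0.20
ssh      22/tcp    0.18
snmp     161/udp   0.43
domain   53/udp    0.21
domain   53/tcp    0.05
unknown  6/tcp     0.000013
badline
"""

def parse_services(text):
    """Yield (port, proto, freq, name) for each well-formed entry."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        fields = line.split()
        if len(fields) < 3 or "/" not in fields[1]:
            continue                          # skip malformed entries
        port_s, proto = fields[1].split("/", 1)
        try:
            port, freq = int(port_s), float(fields[2])
        except ValueError:
            continue
        if 0 < port <= 65535:
            yield port, proto.lower(), freq, fields[0]

def top_ports(text, n, proto="tcp"):
    """Return the n most frequently open ports for one protocol."""
    rows = [r for r in parse_services(text) if r[1] == proto]
    rows.sort(key=lambda r: (-r[2], r[0]))    # highest frequency first
    return [r[0] for r in rows[:n]]

def not_covered(listening, text, n, proto="tcp"):
    """Ports from an asset inventory that a top-n scan would never probe."""
    return sorted(set(listening) - set(top_ports(text, n, proto)))

if __name__ == "__main__":
    print("top 3 tcp:", top_ports(SAMPLE, 3))
    # 8443 is a hypothetical service on an uncommon port
    print("missed by top 3:", not_covered([22, 443, 8443], SAMPLE, 3))
```

The UDP entries are filtered out before ranking, which is why a TCP top-ports list never includes a port such as 161/udp even when its frequency is high.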
CompTIA PT0-002 certification exam practice question and answer (Q&A) dump, including multiple choice questions (MCQ) and objective type questions, with detailed explanations and references, available free to help you pass the CompTIA PT0-002 exam and earn the CompTIA PT0-002 certification.