A network administrator wishes to ensure there are no unnecessary open communication paths into a server. Using a port scanner, the administrator finds that ports are reported as closed. Which of the following BEST explains this response?
A. The ports belong to an active system and are denying requests
B. The ports are associated with deprecated services
A is correct. If you send a SYN packet to a closed port, an RST flag will be sent back.
“When a port is closed, RFC 793 behavior is to respond with an RST “reset” packet.”
It seems Nmap is creating some confusion here, as its states are defined a bit differently. But even if we consider Nmap to be our port scanner, choice C is closer to the answer than choice B.
Since the question has not specified 'Nmap', choice A is the best.
When a port scanner is used, several port states may be reported:
1. Open/listening: The host sent a reply indicating that a service is listening on the port. There was a response from the port.
2. Closed or denied or not listening: No process is listening on that port. Access to this port will likely be denied.
3. Filtered or blocked: There was no reply from the host, meaning that the port is not listening or the port is secured and filtered.
When a port is closed, no process is listening on that port and access to this port will likely be denied. When the port is open/listening, the host sends a reply indicating that a service is listening on the port. When the port is filtered or blocked, there is no reply from the host, meaning that the port is not listening or the port is secured and filtered.
B is correct.
"A closed port is accessible (it receives and responds to Nmap probe packets), but there is no application listening on it... Administrators may want to consider blocking such ports with a firewall. Then they would appear in the filtered state, discussed next.
filtered
Nmap cannot determine whether the port is open because packet filtering prevents its probes from reaching the port."
So if it was A, then it would show up as "filtered" rather than "closed".
I see no reason why a deprecated service wouldn't respond to a port scan the same way it always responded. Deprecation doesn't mean something doesn't work anymore, it's just that there's usually a newer version.
B is correct. Popular port scanner "Nmap" defines a closed port as follows:
"A closed port is accessible (it receives and responds to Nmap probe packets), but there is no application listening on it."