ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 426 discussion

Actual exam question from CompTIA's CS0-003
Question #: 426
Topic #: 1
[All CS0-003 Questions]

A security analyst receives an alert with the following packet capture attached:



Which of the following has occurred?

  • A. sslscan reconnaissance
  • B. A password stuffing attack
  • C. An Nmap scan
  • D. An nc reverse shell
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by iliecomptia at May 2, 2025, 7:03 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Justheretolook
1 month ago
Selected Answer: C
The correct answer is: C. An Nmap scan Explanation: The packet capture shows a TCP three-way handshake sequence between 10.203.10.17 and 10.203.10.23 on port 22 (SSH): 1. SYN from source to destination. 2. SYN-ACK in response. 3. ACK from source to complete the handshake. 4. Then a RST (Reset) is sent, terminating the connection. This behavior is typical of a port scan, particularly from Nmap, when used with options like -sS (TCP SYN scan) or more specifically -sT (TCP connect scan), which completes the handshake and then resets the connection without sending further data. Nmap does this to check for open ports without actually establishing a prolonged connection.
upvoted 3 times
...
iliecomptia
1 month, 3 weeks ago
Selected Answer: C
This looks like a TCP connect Scan from Nmap. Refference: https://nmap.org/book/scan-methods-connect-scan.html
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel