Exam PT1-002 topic 1 question 53 discussion

Actual exam question from CompTIA's PT1-002

Question #: 53
Topic #: 1

A penetration tester is looking for a vulnerability that enables attackers to open doors via a specialized TCP service that is used for a physical access control system. The service exists on more than 100 different hosts, so the tester would like to automate the assessment. Identification requires the penetration tester to:
✑ Have a full TCP connection
✑ Send a `hello` payload
✑ Walt for a response
✑ Send a string of characters longer than 16 bytes
Which of the following approaches would BEST support the objective?

A. Run nmap ג€"Pn ג€"sV ג€"script vuln <IP address>.
B. Employ an OpenVAS simple scan against the TCP port of the host.
C. Create a script in the Lua language and use it with NSE.
D. Perform a credentialed scan with Nessus.

Show Suggested Answer

Suggested Answer: C 🗳️

by rogal at Nov. 28, 2021, 3:38 p.m.

Comments

Submit Cancel

rogal

Highly Voted 3 years, 5 months ago

Selected Answer: C

C should be the answer

upvoted 9 times

Davar39

3 years, 4 months ago

I agree with C. The Nmap Scripting Engine (NSE) is one of Nmap's most powerful and flexible features. It allows users to write (and share) simple scripts (using the Lua programming language ) to automate a wide variety of networking tasks. https://nmap.org

upvoted 6 times

...

jp2137

Most Recent 2 years, 5 months ago

Selected Answer: C

nmap will work well with lua scripts

upvoted 2 times

...

Charlieb123

3 years, 1 month ago

Selected Answer: C

C you can create an Nmap script to perform exactly what you require.

upvoted 2 times

...

Exam PT1-002 All Questions

View all questions & answers for the PT1-002 exam

Exam PT1-002 topic 1 question 53 discussion

Comments

rogal

Davar39

jp2137

Charlieb123

SY0-701