ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-002 All Questions

View all questions & answers for the CS0-002 exam
Go to Exam

Exam CS0-002 topic 1 question 192 discussion

Actual exam question from CompTIA's CS0-002
Question #: 192
Topic #: 1
[All CS0-002 Questions]

A security analyst is reviewing the output of tcpdump to analyze the type of activity on a packet capture:

Which of the following generated the above output?

  • A. A port scan
  • B. A TLS connection
  • C. A vulnerability scan
  • D. A ping sweep
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by robullo at Oct. 4, 2022, 10:26 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
robullo
Highly Voted 2 years, 9 months ago
Selected Answer: A
Port scan againts 442-446 ports. For port 443 the scanner closed the connection after SYN-ACK.
upvoted 5 times
2Fish
2 years, 3 months ago
Agree. A looks to be the best answer here.
upvoted 1 times
...
...
novolyus
Most Recent 1 year, 7 months ago
Selected Answer: A
Por scan huge as a cathedral
upvoted 1 times
...
kmordalv
1 year, 10 months ago
Selected Answer: A
A port scan generated the output. The output shows that tcpdump captured packets with different flags, such as SYN, ACK, RST, and FIN, which indicate different stages of the TCP three-way handshake or connection termination. The output also shows that the source IP address 192.168.1.100 sent packets to different destination ports on the target IP address 192.168.1.101, such as 22, 23, 25, 80, and 443.
upvoted 2 times
...
Stiobhan
2 years, 3 months ago
Someone probably needs to explain the captured log in detail, then we will have a full answer. I vote that someone is from Exam Topics, you know the "Experts" that they say are verifying these answers! Isn't that part of what is in the brief when we are paying our money!!
upvoted 3 times
...
tendaisanyamahwe
2 years, 7 months ago
Selected Answer: C
You do port scanning when you are looking for vulnerabilities....so port scanning can be considered part of vulnerability scanning....please i want to be corrected
upvoted 3 times
NickDrops
2 years, 5 months ago
I get what you're saying, but this could be a port scan only. There isn't enough info to tell whether its a vulnerability can. A Vulnerability scan would need to brin back possible OS (i think) and vulnerability (I'm sure) info.
upvoted 1 times
...
...
Tag
2 years, 9 months ago
Selected Answer: A
definitely port scan ports 442-446 scanned, scan from 192.168.0.1 >> target 192.168.1.1
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel