Exam PT0-002 topic 1 question 101 discussion

This is a terrible question it should be a one of the Linux option you do not usually interact with windows over SSH

The only open ports are 21 and 80. Linux server commonly comes with these ports open by default. If it were windows, you should likely see ports 88, 135, 139, 445, 3389 etc... The closed ports indicate that no service is running but they aren't blocked by a firewall, they just send a RST flag upon connection. It could be windows with heavily modified networking but Occam's razor says this is Ubuntu.

Port 139 is part of the NetBIOS over TCP/IP suite, typically used in older versions of Windows for sharing resources. Modern Windows systems also use port 445 (SMB) for this purpose, but port 139 is still a significant indicator of a Windows environment, especially when found in conjunction with port 3389 (RDP). In this scan: Port 3389 (RDP) is closed but detected, pointing toward Windows. Port 139 (NetBIOS) is closed but present, which is another strong indicator of a Windows system. Taken together, the presence of both RDP on port 3389 and NetBIOS on port 139 strongly suggests that the target machine is running Windows, rather than a Linux-based OS.

If nmap scans port 3389 and finds it closed, but still identifies the service as RDP (Remote Desktop Protocol), this generally suggests that the target machine is likely Windows. Port 3389 is the default port for RDP, which is a service primarily used on Windows systems. There's no trick questions, b0ad9e1

Port 3389 is Windows rdp. So, the answer is C.

Ubuntu Tell me you have never used NMAP without saying you have never used NMAP. This is a trick question. The closed state means that the port is accessible from nmap probe packets but there is no application listening on it. The closed RDP and NetBIOS ports are a red herring. Those ports are closed, so there is no service configured. See https://nmap.org/book/man-port-scanning-basics.html Ubuntu is the ONLY Linux distro on this list that has port 80 open by default, but the issue is it works with super user. When I take the test, if I see this question, my answer is Ubuntu.

Tell me you have never used NMAP without saying you have never used NMAP. This is a trick question. The closed state means that the port is accessible from nmap probe packets but there is no application listening on it. The closed RDP and NetBIOS ports are a red herring. Those ports are closed, so there is no service configured. See https://nmap.org/book/man-port-scanning-basics.html Ubuntu is the ONLY Linux distro on this list that has port 80 open by default, but the issue is it works with super user. When I take the test, if I see this question, my answer is Ubuntu.

C: Windows, it's a tricky question. The OPEN ports are of an linux system BUT nmap shows all ports it can identify on a target system OPEN and closed. A port 3389 (RDP service) does not exist on linux systems.

Based on the Nmap scan results, the ports that are open are 22 (SSH) and 80 (HTTP). These are commonly used ports for web and SSH services on a Linux server. Ports like 3389 (RDP), which is common on Windows systems, and 139 (NetBIOS), are closed, indicating that this is less likely to be a Windows machine. Given the choices: A. CentOS B. Arch Linux C. Windows Server D. Ubuntu The target is MOST likely running a Linux-based operating system, either CentOS, Arch Linux, or Ubuntu. However, SSH and HTTP are very commonly used in enterprise-level Linux distributions like CentOS or Ubuntu. Given the limited information, it's a toss-up between CentOS and Ubuntu, but either of these would be more likely than Arch Linux for a production environment. So the most likely options are: A. CentOS D. Ubuntu

Linux does not use rdp only windows

If it is netbios on port 139, it is C