CompTIA Security Plus Mock Test Q657

Sara, the Chief Information Officer (CIO), has requested an audit take place to determine what services and operating systems are running on the corporate network. Which of the following should be used to complete this task?

A. Fingerprinting and password crackers
B. Fuzzing and a port scan
C. Vulnerability scan and fuzzing
D. Port scan and fingerprinting


Correct Answer: D
Section: Threats and Vulnerabilities

Explanation:
Different services use different ports. When a service is enabled on a computer, a network port is opened for that service. For example, enabling the HTTP service on a web server will
open port 80 on the server. By determining which ports are open on a remote server, we can determine which services are running on that server.
A port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify security policies of their networks and by
attackers to identify running services on a host with the view to compromise it.
A port scan or portscan can be defined as a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port. While not a
nefarious process in and of itself, it is one used by hackers to probe target machine services with the aim of exploiting a known vulnerability of that service. However the majority of
uses of a port scan are not attacks and are simple probes to determine services available on a remote machine.
Fingerprinting is a means of ascertaining the operating system of a remote computer on a network. Fingerprinting is more generally used to detect specific versions of applications or
protocols that are run on network servers. Fingerprinting can be accomplished “passively” by sniffing network packets passing between hosts, or it can be accomplished “actively” by
transmitting specially created packets to the target machine and analyzing the response

Incorrect Answers:
A: Fingerprinting is a means of ascertaining the operating system of a remote computer on a network. However, a password cracker is not used to determine which services are
running on network computers.
B: A port scan can be used to determine which services are running on network computers. However fuzzing is not used to determine which operating system the computers are
running. Fuzzing is a security assessment technique that allows testers to analyze the behavior of software applications by entering unexpected input.
C: A vulnerability scanner is software designed to assess computers, computer systems, networks or applications for weaknesses. A vulnerability scan will scan for weaknesses
(vulnerabilities) in a system. It could provide information about which services are running but it is not specifically designed for this purpose. Fuzzing is not used to determine which
operating system the computers are running or which services are running on the computers. Fuzzing is a security assessment technique that allows testers to analyze the behavior of
software applications by entering unexpected input.

References:
http://en.wikipedia.org/wiki/Port_scanner
http://www.yourdictionary.com/fingerprinting