When would you use -sC versus -sV and -A, and what does the -A option enable?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the Nmap and ZenMap Tests. Access flashcards and multiple choice questions, with hints and explanations for each question. Ensure success in your exam!

Multiple Choice

When would you use -sC versus -sV and -A, and what does the -A option enable?

Explanation:
Understanding how Nmap’s script, version, and aggressive options work together helps you choose the right scan setup for fingerprinting a target. The default NSE scripts are run with the script-scan option. This adds extra checks and information by running a set of scripts against the discovered services. Version detection with the version option analyzes open ports to determine the exact service names and versions running behind them. The aggressive mode ties these together with extra steps: it enables OS detection, version detection, script scanning (using the default NSE scripts), and traceroute. This makes the scan thorough, giving you a comprehensive fingerprint, but it also makes the scan heavier and more noticeable on the network. So, the combination described—default NSE scripts, version detection, and aggressive detection including OS detection and scripts—best matches when you want thorough fingerprinting. The other statements misstate what the switches do: -sC does not disable NSE scripts; it actually runs them. -sV does not detect only OS, it focuses on identifying service versions. -A does not disable OS detection; it enables it along with version detection, script scanning, and traceroute.

Understanding how Nmap’s script, version, and aggressive options work together helps you choose the right scan setup for fingerprinting a target.

The default NSE scripts are run with the script-scan option. This adds extra checks and information by running a set of scripts against the discovered services. Version detection with the version option analyzes open ports to determine the exact service names and versions running behind them. The aggressive mode ties these together with extra steps: it enables OS detection, version detection, script scanning (using the default NSE scripts), and traceroute. This makes the scan thorough, giving you a comprehensive fingerprint, but it also makes the scan heavier and more noticeable on the network.

So, the combination described—default NSE scripts, version detection, and aggressive detection including OS detection and scripts—best matches when you want thorough fingerprinting. The other statements misstate what the switches do: -sC does not disable NSE scripts; it actually runs them. -sV does not detect only OS, it focuses on identifying service versions. -A does not disable OS detection; it enables it along with version detection, script scanning, and traceroute.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy