CompTIA CASP+ (CAS-003) — Question 367

A hospital is deploying new imaging software that requires a web server for access to images for both local and remote users. The web server allows user authentication via secure LDAP. The information security officer wants to ensure the server does not allow unencrypted access to the imaging server by using
Nmap to gather additional information. Given the following:
✑ The imaging server IP is 192.168.101.24.
✑ The domain controller IP is 192.168.100.1.
✑ The client machine IP is 192.168.200.37.
Which of the following should be used to confirm this is the only open port on the web server?

Answer options

• A. nmap -p 80,443 192.168.101.24
• B. nmap -p 80, 443,389,636 192.168.100.1
• C. nmap ג€"p 80,389 192.168.200.37
• D. nmap -p- 192.168.101.24

Correct answer: D

Explanation

The correct answer is D because using 'nmap -p-' scans all ports on the web server at 192.168.101.24, allowing the identification of any open ports beyond just 80 and 443. The other options are incorrect as they either target the wrong IP address or do not perform a complete port scan, limiting the check to specific ports only.