CompTIA CySA+ (CS0-002) — Question 60

A security analyst needs to assess the web-server versions on a list of hosts to determine which are running a vulnerable version of the software and then output that list into an XML file named webserverlist.xml. The host list is provided in a file named webserverlist.txt. Which of the following Nmap commands would BEST accomplish this goal?

Answer options

• A. nmap –iL webserverlist.txt –sC –p 443 –oX webserverlist.xml
• B. nmap –iL webserverlist.txt –sV –p 443 –oX webserverlist.xml
• C. nmap –iL webserverlist.txt –F –p 443 –oX weberserverlist.xml
• D. nmap --takefile webserverlist.txt --outputfileasXML webserverlist.xml --scanports 443

Correct answer: B

Explanation

The correct answer is B because it uses the -sV option to probe for service versions, which is essential for identifying vulnerable web-server versions. Option A uses -sC, which runs default scripts but does not specifically check for version vulnerabilities, while option C contains a typo in the output filename and uses the -F option, which is not suitable for version detection. Option D has incorrect syntax for Nmap commands, making it invalid.