CompTIA PenTest+ (PT0-001) — Question 41

A penetration tester ran the following Nmap scan on a computer: nmap -aV 192.168.1.5
The organization said it had disabled Telnet from its environment. However, the results of the Nmap scan show port 22 as closed and port 23 as open to SSH.
Which of the following is the BEST explanation for what happened?

Answer options

• A. The organization failed to disable Telnet.
• B. Nmap results contain a false positive for port 23.
• C. Port 22 was filtered.
• D. The service is running on a non-standard port.

Correct answer: A

Explanation

The correct answer is A because the presence of an open port 23 for SSH indicates that Telnet was not properly disabled, which contradicts the organization's claim. Option B is incorrect as Nmap results are generally reliable, and options C and D do not explain the open status of port 23 related to Telnet.