CompTIA PenTest+ (PT0-002) — Question 115

A consultant just performed a SYN scan of all the open ports on a remote host and now needs to remotely identify the type of services that are running on the host. Which of the following is an active reconnaissance tool that would be BEST to use to accomplish this task?

Answer options

• A. tcpdump
• B. Snort
• C. Nmap
• D. Netstat
• E. Fuzzer

Correct answer: C

Explanation

Nmap is the most suitable tool for actively probing a host to identify running services, as it can provide detailed information about open ports and associated services. Tcpdump and Snort are primarily used for packet capture and intrusion detection, while Netstat is a local utility for viewing network connections. A Fuzzer is typically used for testing application security, not for service identification.