CompTIA PenTest+ (PT0-002) — Question 237

During a vulnerability scan a penetration tester enters the following Nmap command against all of the non-Windows clients:

nmap –sX –T4 –p 21-25, 67, 80, 139, 8080 192.168.11.191

The penetration tester reviews the packet capture in Wireshark and notices that the target responds with an RST packet flag set for all of the targeted ports. Which of the following does this information most likely indicate?

Answer options

• A. All of the ports in the target range are closed.
• B. Nmap needs more time to scan the ports in the target range.
• C. The ports in the target range cannot be scanned because they are common UDP ports.
• D. All of the ports in the target range are open.

Correct answer: A

Explanation

The correct answer is A because receiving an RST packet indicates that the ports are closed. Option B is incorrect as the scan would not require more time if the ports are closed. Option C is not applicable since the Nmap command is scanning TCP ports, not UDP. Option D is wrong because the RST response clearly shows that the ports are not open.