CompTIA PenTest+ (PT0-002) — Question 296

A penetration tester would like to know if any web servers or mail servers are running on the in-scope network segment. Which of the following is the best to use in this scenario?

Answer options

• A. ARP scans
• B. Website crawling
• C. DNS lookups
• D. Nmap probes

Correct answer: D

Explanation

Nmap probes are the best choice for identifying active servers on a network since Nmap is designed for network discovery and security auditing. ARP scans can reveal devices on the local network but do not specifically identify services like web or mail servers. Website crawling is focused on content retrieval rather than server discovery, and DNS lookups may provide some information but are limited in scope for identifying active services.