CompTIA PenTest+ (PT0-002) — Question 347

A penetration tester is working to identify non-relational databases on the 10.0.0.1/24 subnet as well as the version of software. Which of the following commands should the tester use to achieve the objective?

Answer options

• A. nmap 10.0.0.1/24 -p 3306 --script=mysql*
• B. nmap 10.0.0.1/24 -p 27017 --script=mong*
• C. nmap 10.0.0.1/24 -p 5432--script=pgsql*
• D. nmap 10.0.0.1/24 -p 1433 --script=ms-sql*

Correct answer: B

Explanation

The correct answer is B because it targets port 27017, which is associated with MongoDB, a non-relational database. Options A, C, and D target MySQL, PostgreSQL, and Microsoft SQL Server respectively, which are relational databases and do not meet the requirement of identifying non-relational databases.