CompTIA PenTest+ (PT0-002) — Question 400

A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running.
Which of the following would BEST support this task?

Answer options

• A. Run nmap with the -O, -p22, and -sC options set against the target.
• B. Run nmap with the -sV and -p22 options set against the target.
• C. Run nmap with the --script vulners option set against the target.
• D. Run nmap with the -sA option set against the target.

Correct answer: C

Explanation

The correct answer is C because running nmap with the --script vulners option allows the tester to scan for known vulnerabilities and CVEs related to the target services. Options A and B provide information about the OS and service versions but do not specifically identify vulnerabilities, while option D focuses on determining if the ports are open but lacks vulnerability assessment capabilities.