CompTIA PenTest+ (PT0-002) — Question 61
A penetration tester will be performing a vulnerability scan as part of the penetration test on a client's website. The tester plans to run several Nmap scripts that probe for vulnerabilities while avoiding detection. Which of the following Nmap options will the penetration tester MOST likely utilize?
Answer options
- A. -a8 -T0
- B. --script "http*vuln*"
- C. -sn
- D. -O -A
Correct answer: B
Explanation
The correct answer is B. The '--script "http*vuln*"' option lets the tester specifically target HTTP vulnerability scripts, which is essential for probing web applications. Options A, C, and D do not scan for vulnerabilities in web applications: they alter scan timing (A), perform a ping scan (C), or enable OS detection (D), none of which matches the tester's goal.