CompTIA PenTest+ (PT0-002) — Question 7

A penetration tester needs to perform a vulnerability scan against a web server. Which of the following tools is the tester MOST likely to choose?

Answer options

• A. Nmap
• B. Nikto
• C. Cain and Abel
• D. Ethercap

Correct answer: B

Explanation

Nikto is specifically designed for scanning web servers for vulnerabilities, making it the most suitable choice. Nmap is primarily used for network discovery and security auditing but is not specialized for web vulnerabilities. Cain and Abel is a password recovery tool, while Ethercap is used for network packet manipulation, neither of which are appropriate for web server vulnerability scanning.