CompTIA PenTest+ (PT0-003) — Question 64

A penetration tester needs to launch an Nmap scan to find the state of the port for both TCP and UDP services. Which of the following commands should the tester use?

Answer options

• A. nmap -sU -sW -p 1-65535 example.com
• B. nmap -sU -sY -p 1-65535 example.com
• C. nmap -sU -sT -p 1-65535 example.com
• D. nmap -sU -sN -p 1-65535 example.com

Correct answer: C

Explanation

The correct command is option C, as it uses the '-sU' flag for UDP and '-sT' for TCP, allowing the tester to scan both types of services. Option A incorrectly uses '-sW', which is for Window scanning, while option B uses '-sY', which is for SCTP INIT scanning. Option D employs '-sN', which is for TCP NULL scanning, focusing only on TCP and not on both TCP and UDP.