CompTIA PenTest+ (PT1-002) — Question 105

A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running. Which of the following would
BEST support this task?

Answer options

• A. Run nmap with the ג€"o, -p22, and ג€"sC options set against the target
• B. Run nmap with the ג€"sV and ג€"p22 options set against the target
• C. Run nmap with the --script vulners option set against the target
• D. Run nmap with the ג€"sA option set against the target

Correct answer: C

Explanation

The correct answer is C because the --script vulners option in nmap specifically targets known vulnerabilities and CVEs, making it ideal for identifying exploitable weaknesses. Options A and B focus on service detection without vulnerability scanning, while option D is for OS detection, none of which directly address CVE identification.