CompTIA Server+ (SK0-005) — Question 23

A security analyst suspects a remote server is running vulnerable network applications. The analyst does not have administrative credentials for the server. Which of the following would MOST likely help the analyst determine if the applications are running?

Answer options

• A. User account control
• B. Anti-malware
• C. A sniffer
• D. A port scanner

Correct answer: D

Explanation

A port scanner is the most suitable tool for detecting if specific network applications are active on a server by checking which ports are open and responding. User account control and anti-malware do not help in identifying running services, while a sniffer is used for capturing traffic rather than scanning for open ports.