CompTIA Security+ (SY0-501) — Question 491

A security administrator needs to conduct a full inventory of all encryption protocols and cipher suites. Which of the following tools will the security administrator use to conduct this inventory MOST efficiently?

Answer options

• A. tcpdump
• B. Protocol analyzer
• C. Netstat
• D. Nmap

Correct answer: D

Explanation

Nmap is the correct choice because it can actively scan networks to discover services and their associated protocols and cipher suites. While tcpdump and a protocol analyzer can capture and analyze traffic, they are not as efficient for a full inventory compared to Nmap's scanning capabilities. Netstat provides information about active connections but does not offer detailed insights into encryption protocols or cipher suites.