CompTIA Security+ (SY0-601) — Question 11

A penetration tester was able to compromise an internal server and is now trying to pivot the current session in a network lateral movement. Which of the following tools, if available on the server, will provide the MOST useful information for the next assessment step?

Answer options

• A. Autopsy
• B. Cuckoo
• C. Memdump
• D. Nmap

Correct answer: D

Explanation

Nmap is a powerful network scanning tool that can discover hosts and services on a network, making it the most useful for lateral movement assessment. Autopsy is focused on digital forensics, Cuckoo is a malware analysis system, and Memdump deals with memory analysis, which are not as suitable for immediate network reconnaissance.