CompTIA Security+ (SY0-601) — Question 129

An organization is concerned that its hosted web servers are not running the most updated version of the software. Which of the following would work BEST to help identify potential vulnerabilities?

Answer options

• A. hping3 -S comptia-org -p 80
• B. nc -l -v comptia.org -p 80
• C. nmap comptia.org -p 80 -sV
• D. nslookup –port=80 comptia.org

Correct answer: C

Explanation

The correct answer, C, uses nmap with the -sV option to detect the service version running on the web server, which helps identify if it is up to date or has vulnerabilities. Options A, B, and D do not provide version detection capabilities; A uses hping3 for SYN scans, B is a basic netcat listener, and D is for DNS queries, which are not suitable for assessing software vulnerabilities.