LPIC-2 Exam 202 (Linux Engineer) — Question 85

For what purpose is TCP/IP stack fingerprinting used by nmap?

Answer options

• A. It is used to determine the remote operating system.
• B. It is used to filter out responses from specific servers.
• C. It is used to identify duplicate responses from the same remote server.
• D. It is used to masquerade the responses of remote servers.
• E. It is used to uniquely identify servers on the network for forensics.

Correct answer: A

Explanation

The correct answer is A because TCP/IP stack fingerprinting is specifically designed to analyze the characteristics of a device's TCP/IP stack to determine its operating system. The other options do not accurately describe the purpose of this technique; B and C relate to response handling, D involves deception which is not a function of fingerprinting, and E pertains to identification for forensics, rather than OS detection.