Which of the following tools would a security administrator use in order to identify all running services throughout an organization?
A.
Architectural review
B.
Penetration test
C.
Port scanner
D.
Design review
Explanation:
Different services use different ports. When a service is enabled on a computer, a network port is opened for that service. For example, enabling the HTTP service
on a web server will open port 80 on the server. By determining which ports are open on a remote server, we can determine which services are running on thatserver.
A port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify security policies of their
networks and by attackers to identify running services on a host with the view to compromise it. A port scan or portscan can be defined as a process that sends
client requests to a range of server port addresses on a host, with the goal of finding an active port. While not a nefarious process in and of itself, it is one used by
hackers to probe target machine services with the aim of exploiting a known vulnerability of that service. However the majority of uses of a port scan are not attacks
and are simple probes to determine services available on a remote machine.
Incorrect Answers:
A: An architectural review is a review of the network structure (servers, switches, routers, network topology etc.). It does not list running services on computers.
Therefore, this answer is incorrect.
B: Penetration testing evaluates an organization’s ability to protect its networks, applications, computers and users from attempts to circumvent its security controls
to gain unauthorized or privileged access to protected assets. It is not used to list services running on computers.
Therefore, this answer is incorrect.
D: A design review is the process of reviewing the design of something; examples include reviewing the design of the network or the design of a software
application. It is not used to list services running on computers. Therefore, this answer is incorrect.http://en.wikipedia.org/wiki/Port_scanner