Exam PT0-002
Question 314

A penetration tester conducted a discovery scan that generated the following:

Which of the following commands generated the results above and will transform them into a list of active hosts for further analysis?

    Correct Answer: B

    The output shows the results of a network scan, listing the IP addresses and latency times of hosts that are up. To generate this type of result and transform it into a list of active hosts, the command must perform a host discovery scan, filter the results, and extract the relevant information. The command nmap -sn 192.168.0.1-254 | grep "Nmap scan" | awk '{print $5}' meets this requirement: it performs a ping scan (-sn) to identify hosts that are up, uses grep to keep the lines containing "Nmap scan", and then uses awk to extract and print the fifth field, which corresponds to the IP addresses. This sequence of steps generates a list of active hosts from the scan results.
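The filter stage of answer B run over saved scan output, as an added example that is not part of the original page. The sample output is constructed and includes one host with a reverse-DNS name, which shows that field 5 is then the hostname rather than the address; the function names are hypothetical, and -oG - is Nmap's grepable output written to stdout.

```shell
#!/bin/sh
# Constructed `nmap -sn` output (sample data, not from the exam page).
# The second host has a reverse-DNS name, so its address moves to field 6.
sample_normal() {
cat <<'EOF'
Starting Nmap 7.94 ( https://nmap.org ) at 2024-01-01 10:00 UTC
Nmap scan report for 192.168.0.1
Host is up (0.0012s latency).
Nmap scan report for fileserver.lab.example (192.168.0.20)
Host is up (0.0034s latency).
Nmap scan report for 192.168.0.37
Host is up (0.0051s latency).
Nmap done: 254 IP addresses (3 hosts up) scanned in 2.41 seconds
EOF
}

# Constructed grepable output, in the format written by `nmap -sn -oG -`.
sample_grepable() {
cat <<'EOF'
# Nmap 7.94 scan initiated Mon Jan  1 10:00:00 2024 as: nmap -sn -oG - 192.168.0.1-254
Host: 192.168.0.1 ()	Status: Up
Host: 192.168.0.20 (fileserver.lab.example)	Status: Up
Host: 192.168.0.37 ()	Status: Up
# Nmap done at Mon Jan  1 10:00:02 2024 -- 254 IP addresses (3 hosts up) scanned in 2.41 seconds
EOF
}

# Filter stage of answer B, reading saved scan output on stdin.
hosts_answer_b() { grep "Nmap scan" | awk '{print $5}'; }

# Same filter, but take the last field and strip parentheses, so a
# resolved hostname does not displace the address.
hosts_addr_only() { grep "Nmap scan" | awk '{gsub(/[()]/, "", $NF); print $NF}'; }

# Grepable output keeps the address in field 2 regardless of DNS.
hosts_grepable() { awk '/Status: Up/ {print $2}'; }

echo "answer B filter:";  sample_normal   | hosts_answer_b
echo "address only:";     sample_normal   | hosts_addr_only
echo "grepable (-oG -):"; sample_grepable | hosts_grepable
```

Running the scan with -n (no DNS resolution) also keeps the address in field 5, so the original filter then works unchanged.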

Discussion
aee9303 Option: B

nmap -sn 192.168.0.1-254 | grep "Nmap scan" | awk '{print $5}'

The output is ping scans, identifiable because they have latency times. Ping: -sn. The piping is taking the one thing and adding the next. awk is outputting to a table; in this case it means to output by printing the five scans (to the screen).

ER1 Option: B

The output is ping scans, identifiable because they have latency times.

PhillyCheese Option: B

Explanation: -sn disables port scanning and performs host discovery only. grep "Nmap scan" filters the output to lines containing the phrase "Nmap scan." awk '{print $5}' extracts the fifth field (IP addresses) from the filtered lines. This provides a list of active hosts.

DustyRex1 Option: B

This command performs a ping scan (-sn) to identify which hosts are up in the given range (192.168.0.1-254), filters the lines containing "Nmap scan" using grep, and then extracts the fifth field (the IP address) using awk.

Big_Dre Option: C

The given command uses nmap, uniq, and sed to perform a scan on a range of IP addresses, filter the output, and save the results to a file. Here's a breakdown of each part of the command:

nmap --open 192.168.0.1-254: This command uses nmap to perform a scan (--open) on the IP range from 192.168.0.1 to 192.168.0.254. The --open option tells nmap to show only the hosts with at least one open port.

| uniq: The uniq command filters the output to remove duplicate lines. This can be useful if there are repeated entries in the nmap output.

| sed 's/Nmap//2': The sed command is used to perform a substitution (s) operation on the output. Specifically, it removes the second occurrence of the word "Nmap" from each line.

> file.txt: This part of the command redirects the processed output to a file named file.txt.

In summary, the command scans the specified IP range to identify hosts with open ports, removes duplicate lines from the output, removes the second occurrence of the word "Nmap" from each line, and then saves the processed output to a file named file.txt.