During a penetration test we determine that TCP port 22 is listening on a target host. Knowing that SSHD is the typical service that listens on that port we attempt to validate that assumption with an SSH client but our effort Is unsuccessful. It turns out that it is actually an Apache webserver listening on the port, which type of scan would have helped us to determine what service was listening on port 22?
To determine what service is listening on a specific port, such as TCP port 22 in this case, a version scan would be the appropriate tool. Version scanning can identify the software version and potentially the name of the service running on the port by analyzing the banner or other details provided by the service. This method would have revealed that an Apache webserver, not SSHD, was listening on port 22.
The correct answer is A. The version scan will tell you the version from the banner of the service running on the target port. This will let you know that the Apache server is running. Network sweeps are a way to find hosts.
The correct answer is A.