A security analyst sees building sensors on a network that respond on a non-standard port. They suspect there is a custom communication in use. Which action would best confirm the actual service on that port?
Inspect certificate information on the port to identify the device’s service
Check DNS records and see if any service reference matches the suspected protocol
Use a script that tests known commands and checks for specific responses
Rely on a standard port enumeration method to match the displayed banners
Using a specialized scan or script that issues recognized command sequences for these devices reveals the real service. Simple DNS checks only identify publicly registered information, general port enumeration often provides minimal details, and reviewing certificate information helps little if the service is not relying on encryption methods.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a custom communication protocol?
Open an interactive chat with Bash
How can a script test known commands on a port?
Open an interactive chat with Bash
Why is standard port enumeration insufficient for custom services?