If you plan on taking the Security+ exam you should have a basic understanding of port scanners. Many blogs on this site include information on ports and port scanners determine what ports are open and in turn, what protocols or services are running on a system. If desired, you can review the following blogs on ports:
Note: This blog is an excerpt from the
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide
.
Port Scanners
A port scanner is a tool used to query a host to determine which ports are open. System administrators use port scanners as part of an overall vulnerability assessment. It is also used as part of an attack, where an attacker tries to learn as much about a server as possible.
Remember this
A port scanner can help determine what services and protocols are running on a remote system by identifying open ports. Port scanners typically take further steps to verify the port is open.
Security+ (SY0-601) Practice Test Questions
SY0-601 Practice Test Questions
Over 385 realistic Security+ practice test questions
At least 10 performance-based questions
All questions include explanations so you’ll know why the correct answers are correct,
and why the incorrect answers are incorrect.
Upgrade Your Resume with the Security+ New Version
Multiple quiz formats to let you use these questions based on the way you learn.
- Learn mode – randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you’ll see the explanation. Click here to see how learn mode works.
- Test mode – randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
- Test mode – 75 random questions. View 75 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 75 multiple choice questions.
Pass the First Time You Take It
Get the full bank of SY0-601 Practice Test Questions Here
Click here if you’re looking for SY0-501 Online Study Package
Security+ Full Access Package
 | Pass the First Time! |
Up-to-date Content
New multiple-choice and performance-based
questions added regularly
Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.
Buy The Full Access Study Package Today
60 Days Access
Need more time?
You can easily renew for another 60 days at a significantly reduced price.
All materials are available online shortly after making your payment.
Get the Security+ Full Access Study Package Here
Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using.
This exam is expensive.
Make sure you’re ready before exam day.
Here’s what you’ll get:
- All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. See a demo here. All questions have full explanations so you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
- Over 40 new multiple-choice questions we’ve added after publishing the study guide.
- Over 30 performance-based questions. See a demo here.
- All of the flashcards from the study guide. View them in any Web browser.
- All of the audio from the study guide. Listen to a sample here.
- Access to a free discount code for 10% off your Security+ voucher.
Buy The Full Access Study Package Today
60 Days Access
All materials are available online shortly after making your payment.
Get the Security+ Full Access Study Package Here
The port scanner sends queries to ports of interest and analyzes the reply. If a server answers a query on a specific port, the associated service or protocol is likely running on the server. For example, if a server answers a query on port 25, it indicates that port 25 is open. More specifically, it indicates that the server is probably running SMTP. If port 80 is open, HTTP is probably running, and the server may be a web server such as Apache or Microsoft’s Internet Information Services (IIS).
Even though it’s not recommended for services to use ports other than the well-known ports for specific services, it is possible. Because of this, an open port doesn’t definitively say the related service or protocol is running.
The attacker will use other methods for verification. For example, a fingerprinting attack will send specific protocol queries to the server and analyze the responses. These responses can verify that the service is running and will often include other details about the operating system, since different operating systems often respond differently to specific queries.
A common TCP port scan will send a TCP SYN packet to a specific port of a server as part of the TCP three-way handshake. If the server responds with a SYN/ACK packet, the scanner knows the port is open. However, instead of completing the three-way handshake, the scanner sends a RST packet to reset the connection and then repeats the process with a different port.
Security+ Full Access Package
 | Pass the First Time! |
Up-to-date Content
New multiple-choice and performance-based
questions added regularly
Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.
Buy The Full Access Study Package Today
60 Days Access
Need more time?
You can easily renew for another 60 days at a significantly reduced price.
All materials are available online shortly after making your payment.
Get the Security+ Full Access Study Package Here
Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using.
This exam is expensive.
Make sure you’re ready before exam day.
Here’s what you’ll get:
- All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. See a demo here. All questions have full explanations so you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
- Realistic SY0-601 Security+ Practice Test Questions
- Performance-based questions.
- All of the flashcards from the study guide. View them in any Web browser. See demo here
- All of the audio from the study guide.
- Access to a free discount code for 10% off your Security+ voucher.
Buy The Full Access Study Package Today
60 Days Access
All materials are available online shortly after making your payment.
Get the Security+ Full Access Study Package Here
Other Security+ Study Resources