+ Reply to Thread
Results 1 to 4 of 4
  1. Junior Member Registered Member
    Join Date
    Oct 2015
    Posts
    4
    #1

    Default Exam Question- Nessus or NMAP?

    Which of the following would a network administrator MOST likely use to actively discover unsecure services running on a company's network?

    a. IDS
    b. Nessus
    c. NMAP
    d. Firewall

    I chose b. Nessus, but the answer is c. NMAP.

    Can someone please explain the difference so I can answer Nessus / NMAP questions correctly on the Network+ exam I'm taking next week?

    Thank you!
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    May 2013
    Posts
    1,346

    Certifications
    CISSP, CISA, GWAPT, GSEC, C|EH, CCNA:Security, CCNA:R&S, CCENT, Security+, Network+
    #2
    NMAP is a quick command line tool to discover devices and open ports...where Nessus is a vulnerability scanner you would usually use to identify missing patches or vulnerable systems. Typically you won’t see network administrators using pure security tools like vulnerability scanners...at least in normal sized organizations.

    I could see how the question would be challenging as it’s more so “what is most likely to happen in real life?”...something you might not be familiar with at the Network+ experience level.
    Reply With Quote Quote  

  4. Senior Member kMastaFlash's Avatar
    Join Date
    Aug 2012
    Posts
    930

    Certifications
    A+, Network+,Security+, DECA-ISM v2, MCP, MTAx2 , CCENT, CCNA R&S,C|EH,C|HFI,Linux+,LPIC-1,E|CSS,E|CES,GPEN,OSWP,Server+,LPT,GCIH,E|CIH,E|CSA
    #3
    Nessus even though may detect open ports/services, the main use of Nessus is for a vulnerability assessment to identify vulnerable versions of software installed, missing patches etc. Now if they asked for which one performed a vulnerability assessment, then it would be Nessus. Nmap is just a port scanning tool to test for open ports/services. Ex: Nmap -sV does a Version detection on an open port. Also, since a vulnerability assessment will generate a lot of unnecessary network traffic, a network admin won't want to overload the network. Hope this helps man! Sorry probably a longer answer then what is necessary. Good luck with your studies!
    2018: ICND2,E|CSP,CISSP,CCNA-Security,CSA+,eCRE.CAST 611,CWNA, Start SANS Graduate Certificate PenTesting
    2019: CCSK, JNCIA,SANS Graduate Certificate PenTesting,eLearnSecurity courses
    2020:LPIC-2,SANS Graduate Certificate PenTesting
    Reply With Quote Quote  

  5. Senior Member 636-555-3226's Avatar
    Join Date
    Jul 2015
    Posts
    910

    Certifications
    Lots of security certifications, yet the more I learn, the further I have to go...
    #4
    The best real-life answer is B - Nessus. The "network administrator" part makes nmap the more correct answer b/c a network admin isn't likely to use nessus (although I don't know any who know anything about nmap, either!). "unsecure" throws the question off a bit. nmap isn't going to do much to tell you about the security of a running service (it does have a few vuln scripts, but they aren't that great). nessus is MUCH better at doing that. a bad question. I'd leave network admin in & remove unsecure to make it more correct.


    Quote Originally Posted by jamesindc View Post
    Which of the following would a network administrator MOST likely use to actively discover unsecure services running on a company's network?

    a. IDS
    b. Nessus
    c. NMAP
    d. Firewall

    I chose b. Nessus, but the answer is c. NMAP.

    Can someone please explain the difference so I can answer Nessus / NMAP questions correctly on the Network+ exam I'm taking next week?

    Thank you!
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks