NMAP Scanning Methods Quiz

Questions and Answers

Which method is used to determine the OS of the device using the Fortinet IoT query service?

• FortiGuard method (correct)
• Passive method
• HTTP/HTTPS method
• IP range method

What is required to enable the FortiGuard device profiling method?

• Match Custom Attributes option
• Location method
• Firewall session polling
• FortiCare support contract (correct)

Which method configures the FortiNAC device to attempt to open a connection with the device it is trying to profile?

• Location method
• ONVIF profiling method
• HTTP/HTTPS method (correct)
• Passive method

What is required for the IP range method to result in a match?

The IP-address of a device falls within one of the ranges (B)

Which method evaluates network traffic generated or received by the device being profiled?

Network Traffic method (C)

What is required to leverage the ONVIF profiling method?

Communication between the FortiNAC device and the device being profiled (C)

Which method uses p0f, a passive TCP/IP fingerprinting tool?

Passive method (A)

What must be set up to use firewall session polling?

Firewall session polling (C)

Which option must be used to match against attributes like Category, Subcategory, Vendor, Model, Operating System, Sub Operating System?

Match Custom Attributes option (D)

What is used to determine a match in the location method?

Device connects to the selected location on your network (D)

Which method attempts to load a page and/or enter designated credentials to profile a device?

HTTP/HTTPS method (D)

What does the FortiGuard method use to determine the OS of the device?

Fortinet IoT query service (B)

What does the active method use to match a connected host?

Operating system detail information gathered during the NMAP scan (D)

What does the DHCP fingerprinting method evaluate?

DHCP packets received by the FortiNAC device (D)

What does the FortiGate method leverage to determine a match?

Firewall session information (D)

Which custom attributes are supported by the DHCP fingerprinting method?

DHCP message type, option list, vendor class, host name, parameter list, operating system (C)

What is used to match a custom value in the active method?

Key values found in the NMAP scan results (A)

What is ignored when using the Match Custom Attributes option in DHCP fingerprinting?

Fields left blank (B)

What does the FortiGate method return a pass for?

Matching operating system (B)

What does the FortiGate method evaluate against in the Match Custom Attributes option?

Defined hostname or operating system values (B)

What does the active method allow to customize for almost any environment?

Exact string match or regular expression (A)

What does the DHCP fingerprinting method identify using option lists and parameters seen in the DHCP packets?

Fingerprints (A)

What is used to match a connected host in the active method instead of using the existing database entries?

Custom values found in the NMAP scan results (B)

What does the DHCP fingerprinting method use to evaluate against defined hostname or operating system values?

Firewall session information (B)

Flashcards are hidden until you start studying