Exam Question- Nessus or NMAP?

jamesindcjamesindc Member Posts: 23 ■■■□□□□□□□
Which of the following would a network administrator MOST likely use to actively discover unsecure services running on a company's network?

a. IDS
b. Nessus
c. NMAP
d. Firewall

I chose b. Nessus, but the answer is c. NMAP.

Can someone please explain the difference so I can answer Nessus / NMAP questions correctly on the Network+ exam I'm taking next week?

Thank you!

Comments

  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    NMAP is a quick command line tool to discover devices and open ports...where Nessus is a vulnerability scanner you would usually use to identify missing patches or vulnerable systems. Typically you won’t see network administrators using pure security tools like vulnerability scanners...at least in normal sized organizations.

    I could see how the question would be challenging as it’s more so “what is most likely to happen in real life?”...something you might not be familiar with at the Network+ experience level.
  • [Deleted User][Deleted User] Senior Member Posts: 0 ■■□□□□□□□□
    Nessus even though may detect open ports/services, the main use of Nessus is for a vulnerability assessment to identify vulnerable versions of software installed, missing patches etc. Now if they asked for which one performed a vulnerability assessment, then it would be Nessus. Nmap is just a port scanning tool to test for open ports/services. Ex: Nmap -sV does a Version detection on an open port. Also, since a vulnerability assessment will generate a lot of unnecessary network traffic, a network admin won't want to overload the network. Hope this helps man! Sorry probably a longer answer then what is necessary. Good luck with your studies!
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    The best real-life answer is B - Nessus. The "network administrator" part makes nmap the more correct answer b/c a network admin isn't likely to use nessus (although I don't know any who know anything about nmap, either!). "unsecure" throws the question off a bit. nmap isn't going to do much to tell you about the security of a running service (it does have a few vuln scripts, but they aren't that great). nessus is MUCH better at doing that. a bad question. I'd leave network admin in & remove unsecure to make it more correct.

    jamesindc wrote: »
    Which of the following would a network administrator MOST likely use to actively discover unsecure services running on a company's network?

    a. IDS
    b. Nessus
    c. NMAP
    d. Firewall

    I chose b. Nessus, but the answer is c. NMAP.

    Can someone please explain the difference so I can answer Nessus / NMAP questions correctly on the Network+ exam I'm taking next week?

    Thank you!
Sign In or Register to comment.