Scenario
Nmap results were collected from five lab servers. Identify each role and the non-compliant port that needs attention.
Your task: Review the evidence and select the best analyst response for each field.
| Evidence | Details |
|---|---|
| server1.lab.local | 192.168.1.10, ports 53 and 3306 |
| server2.lab.local | 192.168.1.20, port 23 |
| server3.lab.local | 192.168.1.30, ports 80 and 443 |
| server4.lab.local | 192.168.1.40, ports 21, 139, 445 |
| server5.lab.local | 192.168.1.50, ports 25 and 993 |
Analyst Decisions
Instructor Answer
- MySQL on 3306 points to a database role.
- Telnet on 23 is insecure because credentials are sent in plaintext.
- HTTP/HTTPS indicate a web server, while SMB ports indicate a file server.
- SMTP/IMAPS indicate a mail server; SMTP can be abused if exposed or misconfigured.