How does --version-intensity affect version detection (and when would you adjust it)?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the Nmap/ZenMap Switches Test. Prepare with flashcards and multiple choice questions, each question provides hints and explanations. Get ready for your exam!

Multiple Choice

How does --version-intensity affect version detection (and when would you adjust it)?

Explanation:
Version detection works by sending a set of probes to services and analyzing the responses to identify what version is running. The --version-intensity setting determines how aggressive those probes are. At lower values, Nmap uses a lighter probe set, which means scans are faster and gentler on the network, but you may miss some details or fail to fingerprint stubborn services. At higher values, the probe set becomes more thorough, trying more probes and fingerprinting techniques to extract precise version information. This yields more accurate or complete results, but it also makes the scan longer and more noticeable to the target’s defenses. You’d raise the intensity when you need deeper or more reliable version details—for example, when the default probes can’t identify a service, or you’re conducting a focused audit where exact versions matter and you’re willing to accept increased scan time. You’d keep it lower when scanning many hosts, in sensitive environments, or when you want to minimize traffic and detection risk.

Version detection works by sending a set of probes to services and analyzing the responses to identify what version is running. The --version-intensity setting determines how aggressive those probes are. At lower values, Nmap uses a lighter probe set, which means scans are faster and gentler on the network, but you may miss some details or fail to fingerprint stubborn services. At higher values, the probe set becomes more thorough, trying more probes and fingerprinting techniques to extract precise version information. This yields more accurate or complete results, but it also makes the scan longer and more noticeable to the target’s defenses.

You’d raise the intensity when you need deeper or more reliable version details—for example, when the default probes can’t identify a service, or you’re conducting a focused audit where exact versions matter and you’re willing to accept increased scan time. You’d keep it lower when scanning many hosts, in sensitive environments, or when you want to minimize traffic and detection risk.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy