How would you invoke NSE scripts for a specific category, and how would you run the default safe scripts only?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the Nmap/ZenMap Switches Test. Prepare with flashcards and multiple choice questions, each question provides hints and explanations. Get ready for your exam!

Multiple Choice

How would you invoke NSE scripts for a specific category, and how would you run the default safe scripts only?

Explanation:
You test how NSE scripts are selected and run by using the --script option to filter what gets executed, and you use a shorthand to run the built-in safe default set. Invoking NSE scripts by category or name is straightforward: pass a category name (like discovery) or a specific script name after --script. This tells Nmap exactly which scripts to run. You can also list multiple categories or scripts separated by commas to combine sets, for example --script discovery,safe to run both discovery and safe scripts in one scan. To run only the default safe scripts, use the shorthand -sC, which is equivalent to --script=default. This runs the predefined default set of scripts, designed to be safe for routine scanning. The other options don’t fit as cleanly for these goals: using --script-args is for passing parameters to scripts rather than selecting which scripts to run; -A enables a broad probe set (OS, version, script scanning, traceroute) and isn’t limited to the default safe subset; explicitly listing discovery and safe and ignoring -sC would run more than just the default safe set.

You test how NSE scripts are selected and run by using the --script option to filter what gets executed, and you use a shorthand to run the built-in safe default set.

Invoking NSE scripts by category or name is straightforward: pass a category name (like discovery) or a specific script name after --script. This tells Nmap exactly which scripts to run. You can also list multiple categories or scripts separated by commas to combine sets, for example --script discovery,safe to run both discovery and safe scripts in one scan.

To run only the default safe scripts, use the shorthand -sC, which is equivalent to --script=default. This runs the predefined default set of scripts, designed to be safe for routine scanning.

The other options don’t fit as cleanly for these goals: using --script-args is for passing parameters to scripts rather than selecting which scripts to run; -A enables a broad probe set (OS, version, script scanning, traceroute) and isn’t limited to the default safe subset; explicitly listing discovery and safe and ignoring -sC would run more than just the default safe set.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy