Free Top CompTIA Pentest+ PT0-003 Actual Exam Questions - Question 14 Discussion
[Attacks and Exploits] You are a penetration tester running port scans on a server. INSTRUCTIONS Part 1: Given the output, construct the command that was used to generate this output from the available options. Part 2: Once the command is appropriately constructed, use the given output to identify the potential attack vectors that should be investigated further. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. 
I agree option C fits well for the SYN scan, but also consider why ports 22 and 80 are open—SSH could be vulnerable to brute force or outdated ciphers, HTTP might have web app flaws. Another angle is to check for default or weak credentials since those services often get exploited that way. Even if it’s a stealth scan, the attacker’s probing those specific services for a reason, so focusing on them makes sense for follow-up testing.
Option C for the command, and look into open SSH and HTTP ports.
Option C looks right, but also watch out for UDP port scans as a possible vector.
Option C seems right since it matches the SYN scan pattern shown.
I agree that option C fits well for the scan type, but I’d also point out that option D can be ruled out since it’s a full connect scan, which would show different flag behavior. The ports 22 (SSH) and 80 (HTTP) being open definitely highlight common attack vectors like brute forcing SSH or web-based exploits, so those should be top of the list to check further.
Option C fits because it shows a stealth SYN scan, which matches the partial scan flags in the output. The open ports suggest looking into services running on 22 and 80 for possible exploits.
Looks like the scan used option C for a stealth scan; option A seems too obvious.