Active Recon Quiz: Can You Master Scanning & Enumeration?

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Thames
T
Thames
Community Contributor
Quizzes Created: 7097 | Total Attempts: 80,150
| Questions: 20 | Updated: Jul 2, 2026
Quiz
Please wait...
Question 1 / 21
🏆 Rank #--
0 %
0/100
Score 0/100

1. Which Nmap option allows you to specify a custom port range for scanning?

Submit
Please wait...
About This Quiz
Active Recon Quiz: Can You Master Scanning & Enumeration? - Quiz

This quiz evaluates your understanding of Active Reconnaissance (PenTest+) techniques, covering network scanning, service enumeration, and information gathering. Learn to identify open ports, detect running services, and map network topology\u2014essential skills for penetration testers. Master the tools and methodologies that form the foundation of ethical hacking assessments.

2.

What first name or nickname would you like us to use?

You may optionally provide this to label your report, leaderboard, or certificate.

2. Port 3306 is typically associated with which database service?

Submit

3. True or False: Active Reconnaissance requires explicit written authorization from the target organization.

Submit

4. Which Nmap scripting engine script category is most useful for vulnerability detection during enumeration?

Submit

5. WHOIS queries during Active Reconnaissance help identify ______ and administrative contact information.

Submit

6. Which port state in Nmap indicates a firewall is actively rejecting connections?

Submit

7. Traceroute and MTR tools are used during Active Reconnaissance to map network ______ and identify intermediate hops.

Submit

8. What is the primary risk of Active Reconnaissance (PenTest+) operations?

Submit

9. Which HTTP response code indicates a resource exists but requires authentication?

Submit

10. Active Reconnaissance differs from passive reconnaissance in that it directly ______ the target network.

Submit

11. Which TCP port scanning technique sends SYN packets and waits for SYN-ACK responses without completing the three-way handshake?

Submit

12. UDP scanning with Nmap is slower than TCP scanning because UDP is a ______ protocol.

Submit

13. What is the standard port number for SSH (Secure Shell) service?

Submit

14. Which tool is commonly used for DNS enumeration and zone transfer attempts?

Submit

15. In Active Reconnaissance, banner grabbing is used to identify ______ and patch levels of services.

Submit

16. Which scanning technique sends packets with no TCP flags set to determine firewall filtering rules?

Submit

17. What does OSINT stand for in the context of reconnaissance?

Submit

18. Nmap's default scan type uses a ______ to identify open, closed, and filtered ports.

Submit

19. Which Nmap parameter is used to enable aggressive scanning with OS detection, version detection, and script scanning?

Submit

20. What is the primary purpose of service enumeration during Active Reconnaissance (PenTest+)?

Submit
×
Saved
Thank you for your feedback!
View My Results
Cancel
  • All
    All (20)
  • Unanswered
    Unanswered ()
  • Answered
    Answered ()
Which Nmap option allows you to specify a custom port range for...
Port 3306 is typically associated with which database service?
True or False: Active Reconnaissance requires explicit written...
Which Nmap scripting engine script category is most useful for...
WHOIS queries during Active Reconnaissance help identify ______ and...
Which port state in Nmap indicates a firewall is actively rejecting...
Traceroute and MTR tools are used during Active Reconnaissance to map...
What is the primary risk of Active Reconnaissance (PenTest+)...
Which HTTP response code indicates a resource exists but requires...
Active Reconnaissance differs from passive reconnaissance in that it...
Which TCP port scanning technique sends SYN packets and waits for...
UDP scanning with Nmap is slower than TCP scanning because UDP is a...
What is the standard port number for SSH (Secure Shell) service?
Which tool is commonly used for DNS enumeration and zone transfer...
In Active Reconnaissance, banner grabbing is used to identify ______...
Which scanning technique sends packets with no TCP flags set to...
What does OSINT stand for in the context of reconnaissance?
Nmap's default scan type uses a ______ to identify open, closed, and...
Which Nmap parameter is used to enable aggressive scanning with OS...
What is the primary purpose of service enumeration during Active...
play-Mute sad happy unanswered_answer up-hover down-hover success oval cancel Check box square blue
Alert!