medium
Single Answer
0Sakis is seeing quite a bit of suspicious activity on his network. After consulting records in his SIEM, it appears that an outside entity is attempting to connect to all of his systems using a TCP connection on port 22. What type of scanning is the outsider likely engaging in?
Answer Options
A
FTP scanning
B
Telnet scanning
C
SSH scanning
D
HTTP scanning
Correct Answer: C
Explanation
SSH uses TCP port 22, so this attack is likely an attempt to scan for open or weakly secured SSH servers. FTP uses ports 20 and 21. Telnet uses port 23, and HTTP uses port 80.