Which of the following tools would a security administrator use in order to identify all running services
throughout an organization?

A.
Architectural review

B.
Penetration test

C.
Port scanner

D.
Design review

Explanation:
Different services use different ports. When a service is enabled on a computer, a network port is opened for
that service. For example, enabling the HTTP service on a web server will open port 80 on the server. By
determining which ports are open on a remote server, we can determine which services are running on that
server.
A port scanner is a software application designed to probe a server or host for open ports. This is often used by
administrators to verify security policies of their networks and by attackers to identify running services on a host
with the view to compromise it.
A port scan or portscan can be defined as a process that sends client requests to a range of server port
addresses on a host, with the goal of finding an active port. While not a nefarious process in and of itself, it is
one used by hackers to probe target machine services with the aim of exploiting a known vulnerability of that
service. However, the majority of uses of a port scan are not attacks and are simple probes to determine
services available on a remote machine.