What types of checks does Nikto perform on web servers?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

What types of checks does Nikto perform on web servers?

Explanation:
Nikto is built to assess web servers by running a broad set of checks that look for known issues and misconfigurations. It combines generic tests that apply to many servers (such as identifying dangerous files, insecure methods, and outdated components) with server-type specific tests tailored to the exact web server software in use (Apache, IIS, Nginx, etc.). This dual approach lets it detect a wide range of vulnerabilities without attempting to exploit them. It does not perform port scanning, continuous live traffic analysis, or credential brute-forcing, which is why the description of generic and server-type specific checks best fits what Nikto does.

Nikto is built to assess web servers by running a broad set of checks that look for known issues and misconfigurations. It combines generic tests that apply to many servers (such as identifying dangerous files, insecure methods, and outdated components) with server-type specific tests tailored to the exact web server software in use (Apache, IIS, Nginx, etc.). This dual approach lets it detect a wide range of vulnerabilities without attempting to exploit them. It does not perform port scanning, continuous live traffic analysis, or credential brute-forcing, which is why the description of generic and server-type specific checks best fits what Nikto does.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy