Which method is used by Discovery to determine if a Host IP is active or alive?

BoHyun Jung
Mega Sage

  • A. Port Scan
  • B. Traceroute
  • C. Ping
  • D. Classification

What is the correct answer between A and C? Please explain this in detail.

1 ACCEPTED SOLUTION

Anand Kumar P
Tera Patron

Hi @BoHyun Jung ,
Not option A. Port scanning is the first step in the Discovery process. The Shazzam probe performs port scanning, regardless of whether you use patterns for horizontal discovery.

Correct answer is C. Ping.
Please mark it as helpful and solution proposed.

Thanks,

Anand

8 REPLIES

nowGurukul
Tera Contributor

Anand Kumar P
Tera Patron

Hi @BoHyun Jung ,
Not option A. Port scanning is the first step in the Discovery process. The Shazzam probe performs port scanning, regardless of whether you use patterns for horizontal discovery.

Correct answer is C. Ping.
Please mark it as helpful and solution proposed.

Thanks,

Anand

 

  • The very first active step in the ServiceNow horizontal discovery process is launching the Shazzam probe. The Shazzam probe executes a port scan across the targeted IP ranges, checking for common TCP and UDP ports (such as 135 for WMI, 22 for SSH, and 161 for SNMP).

  • Defining "Active" and "Alive": The results of this specific port scan dictate the status of the IP address:

    • Active: The port scan finds that at least one targeted port is open.

    • Alive: The port scan reveals that no targeted ports are open, but the host still responded to the scan in some way (for example, by actively refusing the connection), proving the machine is powered on and on the network.

The answer is Port Scan.
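
The active/alive distinction described in the reply above, as an added example that is not part of the thread and not ServiceNow's own code. It assumes plain TCP connect attempts only (no UDP, so SNMP on 161 is not covered), and the names `probe_tcp`, `classify` and `scan_host` are hypothetical.

```python
import socket
from enum import Enum


class HostState(Enum):
    ACTIVE = "active"            # at least one probed port is open
    ALIVE = "alive"              # no open port, but the host answered (refused)
    NO_RESPONSE = "no_response"  # nothing came back before the timeout


def probe_tcp(host, port, timeout=1.0):
    """One TCP connect attempt: returns 'open', 'refused' or 'silent'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        # A RST came back: the port is closed, but a host is there.
        return "refused"
    except OSError:
        # Timeout, unreachable network, filtered port: no proof of life.
        return "silent"
    finally:
        sock.close()


def classify(results):
    """Map {port: outcome} to a host state using the reply's definitions."""
    outcomes = set(results.values())
    if "open" in outcomes:
        return HostState.ACTIVE
    if "refused" in outcomes:
        return HostState.ALIVE
    return HostState.NO_RESPONSE


def scan_host(host, ports, timeout=1.0):
    """Probe each port on a host you are authorised to scan and classify it."""
    return classify({p: probe_tcp(host, p, timeout) for p in ports})


if __name__ == "__main__":
    # Constructed demo against loopback: one listener we open ourselves.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    print(scan_host("127.0.0.1", [listener.getsockname()[1]]))
    listener.close()
```

A host that drops every probe silently lands in `NO_RESPONSE` even when it is powered on, which is why a port-scan result and an ICMP ping result can disagree about the same IP.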

 

Not applicable

Hi @BoHyun Jung ,

 

Correct Answer: C. Ping

 

The correct method used by ServiceNow Discovery to determine if a host IP is active or alive is similar to a ping scan. This method goes beyond a simple ICMP echo request and includes probes such as TCP SYN to port 443, TCP ACK to port 80, and an ICMP timestamp request. The goal is to identify live targets, not just open ports or services. Therefore, the correct answer is Ping. This method sends an ICMP Echo Request packet to the target host and waits for an ICMP Echo Reply. If a reply is received within a specified timeframe, the host is considered alive. This is the simplest and most direct way to check if a host is actively responding to network traffic, making it the primary method used by ServiceNow Discovery for determining host activity.

 

Reference: https://www.certlibrary.com/exam/CIS-Discovery

 

If you found this helpful, a 'like' is the secret handshake of appreciation!

-Prasad