Our customer would like to have advance knowledge about the potential impacts of the assessment scan. They specifically request detailed information on which ports and types of communication and behavior occur during the endpoint assessment's Worm scenario and Hopper's LLMNR/NBT-NS Poisoning and relay tests.
On the Knowledge Base, I found information stating that for Worm scenario test, communication occur through SMB (port 445) and RPC (port 135), for Hopper's LLMNR/NBT-NS poisoning and relay is tested through LLMNR - UDP (port 5355) and NBT-NS - UDP (port 137).
However, there is a lack of information regarding the specific communication and behavior that takes place through these ports. Therefore, I kindly request further information on the exact nature of communication and behavior that occurs via these ports.