Which native tool can a security analyst use to map services running on a server to the server's listening ports?

The native tool that a security analyst can use to map services running on a server to its listening ports is Netstat. This command-line utility displays network connections, routing tables, and various network interface statistics, including which ports are currently open and the services that are associated with those ports.

Netstat is particularly useful for identifying active connections and the status of listening ports, allowing analysts to see if any unauthorized services or applications are running on a server. It provides crucial insights into the network state and can help troubleshoot connectivity issues or detect potential security breaches.

While other tools mentioned, such as Netcat and Nmap, serve specific purposes in networking and security assessments, they do not fit the precise function outlined in this question. Netcat is often used for creating TCP/UDP connections and can enable file transfers or remote command execution, while Nmap is a powerful network scanning tool designed for discovering hosts and services on a network. Nessus is primarily a vulnerability scanner that identifies vulnerabilities and misconfigurations in systems rather than mapping services to listening ports. Therefore, Netstat is the most appropriate and direct tool for this particular task.