Final answer:
Nmap is the primary tool used for conducting network discovery scans, designed to map out a computer network and identify devices, services, and security measures.
Step-by-step explanation:
The tool that is used primarily to perform network discovery scans is A. Nmap. Nmap (Network Mapper) is an open-source tool for network exploration and security auditing.
It is designed to discover hosts and services on a computer network, thus building a "map" of the network.
Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services those hosts are offering, what operating systems they are running, what type of packet filters/firewalls are in use, and numerous other characteristics.
While B. Nessus is a vulnerability scanning program, C. Metasploit is used for security testing and developing exploit code, and D. lsof (list open files) is a utility to list all open files and the processes that opened them, these tools do not specialize in discovery scanning as Nmap does.