A company's security policy requires a stealthy scan to minimize the chances of detection by a target system's intrusion detection system (IDS). Which Nmap command would perform a SYN scan, spoof the source port to appear as 53 (DNS), and avoid scanning port 22 on the target 10.0.0.12?
The correct answer is nmap -sS -g 53 --exclude-ports 22 10.0.0.12. The -sS flag specifies a SYN scan, which is considered stealthier than a full connect scan. The -g 53 option sets the source port to 53, which may help in evading certain IDS configurations by making the scan traffic appear to be related to DNS. The --exclude-ports 22 option ensures that port 22 is not scanned. The other answers use incorrect scan types or invalid flags for the required actions, making them unsuitable for the scenario.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a SYN scan in Nmap?
Open an interactive chat with Bash
Why use the -g 53 flag to set the source port to 53 in Nmap?
Open an interactive chat with Bash
What is the purpose of the --exclude-ports option in Nmap?