A Linux administrator needs to perform a network scan on a server to identify open ports as part of a security audit. To minimize the likelihood of detection by a firewall or IDS, the administrator wants to use a "stealth" scanning technique that does not complete the full TCP three-way handshake. Which of the following nmap commands would accomplish this?
The correct command is nmap -sS <target_ip>. The -sS option performs a TCP SYN scan, which is also known as a "half-open" or "stealth" scan. This technique sends a SYN packet and awaits a response. If a SYN/ACK packet is received, the port is considered open, and nmap immediately sends an RST packet to tear down the connection before the three-way handshake is completed. This method is less likely to be logged than a full connect scan.
nmap -sT <target_ip> performs a TCP connect scan, which completes the full three-way handshake and is easily logged.
nmap -sU <target_ip> performs a UDP scan; UDP is a different protocol and does not involve a TCP handshake.
nmap -sn <target_ip> performs a "ping scan" to discover live hosts without scanning for open ports.
CompTIA Linux+ XK0-006 (V8)
Security