312-50V10 · Question #185
Which of the following Nmap commands will produce the following output?
The correct answer is C. nmap -sS -sU -Pn -p 1-65535 192.168.1.1. The described Nmap output requires a scan covering both TCP and UDP protocols across all 65535 ports with host discovery disabled. Only one command includes all these flags correctly.
Question
Which of the following Nmap commands will produce the following output?
Exhibit
Options
- Anmap -sT -sX -Pn -p 1-65535 192.168.1.1
- Bnmap -sN -Ps -T4 192.168.1.1
- Cnmap -sS -sU -Pn -p 1-65535 192.168.1.1
- Dnmap -sS -Pn 192.168.1.1
How the community answered
(46 responses)- A4% (2)
- B9% (4)
- C72% (33)
- D15% (7)
Why each option
The described Nmap output requires a scan covering both TCP and UDP protocols across all 65535 ports with host discovery disabled. Only one command includes all these flags correctly.
Combining -sT (TCP connect scan) and -sX (Xmas scan) specifies two conflicting TCP scan types and includes no UDP scan (-sU), so it cannot produce output containing UDP results.
The -sN (Null scan) only performs a TCP scan and omits -p 1-65535, so this command only scans the default 1000 ports and produces no UDP results.
The flags -sS (TCP SYN stealth scan) and -sU (UDP scan) together instruct Nmap to scan both TCP and UDP ports simultaneously. The -Pn flag disables host discovery (ping), allowing scans against hosts that block ICMP. Combined with -p 1-65535, this command scans every possible port on both protocols, which would produce comprehensive output showing TCP and UDP port states across the full port range.
The -sS -Pn command only performs a TCP SYN scan against the default top 1000 ports with no UDP scanning, producing far less comprehensive output than indicated.
Concept tested: Nmap TCP/UDP full port scan syntax
Source: https://nmap.org/book/man-port-scanning-techniques.html
Topics
Community Discussion
No community discussion yet for this question.
