nerdexam
EC-Council

312-50V10 · Question #698

Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern.

The correct answer is A. nmap -p 445 -n -T4 -open 10.1.0.0/16. The fastest Nmap command for scanning a single TCP port across a large subnet combines targeted port specification, disabled DNS resolution, and aggressive timing. Since stealth is not a concern, maximum speed flags can be applied freely.

Scanning Networks

Question

Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern.

Options

  • Anmap -p 445 -n -T4 -open 10.1.0.0/16
  • Bnmap -p 445 -max -Pn 10.1.0.0/16
  • Cnmap -sn -sF 10.1.0.0/16 445
  • Dnmap -s 445 -sU -T5 10.1.0.0/16

How the community answered

(69 responses)
  • A
    75% (52)
  • B
    4% (3)
  • C
    6% (4)
  • D
    14% (10)

Why each option

The fastest Nmap command for scanning a single TCP port across a large subnet combines targeted port specification, disabled DNS resolution, and aggressive timing. Since stealth is not a concern, maximum speed flags can be applied freely.

Anmap -p 445 -n -T4 -open 10.1.0.0/16Correct

The flag -p 445 limits the scan strictly to TCP port 445, -n disables DNS resolution to eliminate lookup delays across all 65,536 hosts in the /16 subnet, and -T4 sets aggressive timing to accelerate probe rates. Together these options produce the fastest complete TCP port 445 scan of the network without introducing unnecessary overhead from host discovery or name resolution.

Bnmap -p 445 -max -Pn 10.1.0.0/16

-max is not a valid Nmap flag, making this command syntactically incorrect and non-functional as written.

Cnmap -sn -sF 10.1.0.0/16 445

-sn performs a ping sweep with no port scanning at all, so combining it with -sF and a port number does not produce a valid port 445 scan.

Dnmap -s 445 -sU -T5 10.1.0.0/16

-s 445 is not a recognized Nmap flag, and -sU specifies a UDP scan rather than the TCP scan required to check port 445.

Concept tested: Nmap flags for fast targeted TCP port scanning

Source: https://nmap.org/book/man-briefoptions.html

Topics

#Nmap#port scanning#TCP scan#network reconnaissance

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice