EC-Council
312-50V10 · Question #97
312-50V10 Question #97: Real Exam Question with Answer & Explanation
The correct answer is A: A scan in which all flags are turned off. A NULL scan is a TCP port scanning technique where a probe packet is sent with all TCP flags cleared to zero, used to infer port state on target systems.
Question
What is a NULL scan?
Options
- A. A scan in which all flags are turned off
- B. A scan in which certain flags are off
- C. A scan in which all flags are on
- D. A scan in which the packet size is set to zero
- E. A scan with an illegal packet size
Explanation
A NULL scan is a TCP port scanning technique where a probe packet is sent with all TCP flags cleared to zero, used to infer port state on target systems.
Common mistakes.
- B. A scan with only certain flags off describes other scan types such as FIN or XMAS scans, not a NULL scan where every flag is cleared.
- C. A scan with all flags turned on describes an XMAS scan, which is the direct opposite of a NULL scan.
- D. Packet size is unrelated to TCP flag configuration; a NULL scan is defined entirely by its flag state, not by packet size.
- E. An illegal packet size is a separate concept unrelated to a NULL scan, which specifically refers to the absence of any TCP flag bits.
Concept tested. TCP NULL scan definition and flag configuration
Reference. https://nmap.org/book/man-port-scanning-techniques.html
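Added example (not part of the original page): a defender-side check that reads the flag byte of raw TCP headers and reports sources sending flagless segments to several ports. All function names, the port threshold, and the sample packets (documentation-range addresses) are constructed for illustration.

```python
import struct
from collections import defaultdict

SYN, ACK = 0x02, 0x10  # standard TCP flag bit values

def build_tcp_header(sport, dport, flags):
    """Constructed sample input: a minimal 20-byte TCP header, no options."""
    offset_reserved = 5 << 4  # data offset = 5 32-bit words
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0,
                       offset_reserved, flags, 1024, 0, 0)

def tcp_flags(segment):
    """Return the flag byte (byte 13 of the TCP header)."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    return segment[13]

def is_null_probe(segment):
    """True when every TCP flag bit is cleared, as in a NULL scan probe."""
    return tcp_flags(segment) == 0

def detect_null_scanners(packets, min_ports=3):
    """packets: iterable of (src_ip, raw_tcp_header) pairs.
    Returns sources that sent flagless segments to >= min_ports distinct ports."""
    ports = defaultdict(set)
    for src, seg in packets:
        try:
            if is_null_probe(seg):
                ports[src].add(struct.unpack("!H", seg[2:4])[0])
        except ValueError:
            continue  # skip truncated captures instead of aborting
    return sorted(s for s, p in ports.items() if len(p) >= min_ports)

# Constructed sample traffic (not real capture data).
SAMPLE = [
    ("198.51.100.7", build_tcp_header(40000, 22, 0)),
    ("198.51.100.7", build_tcp_header(40000, 80, 0)),
    ("198.51.100.7", build_tcp_header(40000, 443, 0)),
    ("192.0.2.10", build_tcp_header(51000, 443, SYN)),   # normal handshake start
    ("192.0.2.10", build_tcp_header(51000, 443, ACK)),
    ("203.0.113.5", build_tcp_header(33000, 25, 0)),     # single flagless segment
    ("203.0.113.5", b"\x00\x01"),                        # truncated header
]

if __name__ == "__main__":
    print(detect_null_scanners(SAMPLE))
```

A legitimate TCP stack does not emit segments with no flags set, so even a single hit is worth logging; the port threshold only separates a sweep from a stray malformed packet.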