312-50V11 · Question #336
A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use?
The correct answer is B. -sP. The -sP flag performs a ping sweep to identify which hosts are currently active on a network without scanning individual ports. It is the correct switch for fast host discovery.
Question
A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use?
Options
- A-sO
- B-sP
- C-sS
- D-sU
How the community answered
(29 responses)- A7% (2)
- B90% (26)
- D3% (1)
Why each option
The -sP flag performs a ping sweep to identify which hosts are currently active on a network without scanning individual ports. It is the correct switch for fast host discovery.
-sO performs an IP protocol scan to enumerate which Layer 3 protocols a host supports, not a sweep to identify active hosts across a subnet.
The -sP flag (called a ping scan or ping sweep) sends ICMP echo requests combined with TCP and ARP probes to determine which IP addresses have live hosts responding. This is the most direct NMAP method for mapping active addresses across a range and is still functional in modern NMAP versions, though -sn is now the preferred equivalent flag.
-sS performs a TCP SYN stealth scan against specific ports on a target to identify open services, requiring a known host rather than discovering live hosts.
-sU performs a UDP port scan to find open UDP services on a target host and does not function as a network-wide host discovery mechanism.
Concept tested: NMAP ping sweep for active IP host discovery
Source: https://nmap.org/book/man-host-discovery.html
Topics
Community Discussion
No community discussion yet for this question.