312-50V13 · Question #215
Techno Security Inc. recently hired John as a penetration tester. He was tasked with identifying open ports in the target network and determining whether the ports are online and any firewall rule set
The correct answer is C. nmap -sn -PS < target IP address >. To perform a TCP SYN ping scan with Nmap to check host online status and firewall rules, the command nmap -sn -PS <target IP address> is used.
Question
Options
- Anmap -sn -pp < target ip address >
- Bnmap -sn -PO < target IP address >
- Cnmap -sn -PS < target IP address >
- Dnmap -sn -PA < target IP address >
How the community answered
(35 responses)- A3% (1)
- B9% (3)
- C71% (25)
- D17% (6)
Why each option
To perform a TCP SYN ping scan with Nmap to check host online status and firewall rules, the command `nmap -sn -PS <target IP address>` is used.
The `-pp` option is not a standard Nmap ping scan type for TCP SYN ping scans.
The `-PO` option performs an IP protocol ping, which sends IP packets with different protocol numbers, not a TCP SYN ping.
The `nmap -sn -PS <target IP address>` command explicitly performs a TCP SYN ping scan, sending SYN packets to common ports. This method helps Nmap determine if hosts are online and can also provide insights into firewall rules by observing SYN/ACK responses or lack thereof, with `-sn` disabling full port scanning for just host discovery.
The `-PA` option performs a TCP ACK ping scan, which sends ACK packets, distinct from a TCP SYN ping scan.
Concept tested: Nmap host discovery techniques (TCP SYN ping scan)
Source: https://nmap.org/book/man-host-discovery.html
Topics
Community Discussion
No community discussion yet for this question.