nerdexam
Exams312-50V9Questions#494
EC-Council

312-50V9 · Question #494

312-50V9 Question #494: Real Exam Question with Answer & Explanation

The correct answer is A: -sO. The Nmap -sO switch performs an IP protocol scan to determine which IP protocols are open and active on a target host.

Question

A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?

Options

  • A-sO
  • B-sP
  • C-sS
  • D-sU

Explanation

The Nmap -sO switch performs an IP protocol scan to determine which IP protocols are open and active on a target host.

Common mistakes.

  • B. -sP (deprecated in favor of -sn) performs a ping scan to discover live hosts on a network, not to enumerate open ports or protocols.
  • C. -sS performs a TCP SYN half-open stealth scan against TCP ports and does not scan for IP-level protocol availability.
  • D. -sU performs a UDP port scan to discover open UDP services, not IP protocol availability.

Concept tested. Nmap IP protocol scan switch identification

Reference. https://nmap.org/book/scan-methods-ip-protocol-scan.html

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-50V9 Practice