nerdexam
(ISC)2

CISSP-ISSAP · Question #131

John works as an Ethical Hacker for company Inc. He wants to find out the ports that are open in company's server using a port scanner. However, he does not want to establish a full TCP connection. Wh

The correct answer is D. TCP SYN. TCP SYN scanning (option D) is the correct answer because it performs a "half-open" scan - the scanner sends only a SYN packet and, upon receiving a SYN/ACK response from an open port, immediately sends a RST to tear down the attempt, never completing the three-way handshake and

Infrastructure Security

Question

John works as an Ethical Hacker for company Inc. He wants to find out the ports that are open in company's server using a port scanner. However, he does not want to establish a full TCP connection. Which of the following scanning techniques will he use to accomplish this task? (ISC)2 CISSP-ISSAP Exam

Options

  • ATCP FIN
  • BXmas tree
  • CTCP SYN/ACK
  • DTCP SYN

How the community answered

(39 responses)
  • A
    8% (3)
  • B
    18% (7)
  • C
    3% (1)
  • D
    72% (28)

Explanation

TCP SYN scanning (option D) is the correct answer because it performs a "half-open" scan - the scanner sends only a SYN packet and, upon receiving a SYN/ACK response from an open port, immediately sends a RST to tear down the attempt, never completing the three-way handshake and thus never establishing a full TCP connection.

Options A (TCP FIN) and B (Xmas tree) are distractors because while they are also stealth techniques that avoid full connections, they work by sending unusual flag combinations to elicit RST responses from closed ports, making them unreliable on modern systems (especially Windows) and not the standard tool for general port discovery. Option C (TCP SYN/ACK) is wrong because sending a SYN/ACK without a preceding SYN is a server-response packet, not a scan initiation - it's used for firewall ACK filtering detection, not port enumeration.

Memory tip: Think SYN = "half-handshake" - it starts a conversation but never finishes it. The acronym helps: Stealth, Yet No full connection.

Topics

#Port scanning#TCP SYN scan#Network reconnaissance#Ethical hacking

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSAP Practice