If a target machine sends back RESETs or ICMP Port Unreachable, what happens?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

If a target machine sends back RESETs or ICMP Port Unreachable, what happens?

Explanation:
When probing ports, you rely on responses to determine state. A TCP reset means the port is closed, and an ICMP Port Unreachable from a UDP probe also indicates a closed port. These definitive replies tell you immediately that the port isn’t open, so you don’t have to wait for a timeout to conclude its state. That lets the scan move on faster, reducing overall time. The other options don’t fit because a reset or ICMP unreachable doesn’t encrypt results, doesn’t make the scan unable to proceed, and doesn’t imply immunity—just a closed port. The key benefit here is the ability to skip waiting for timeouts when a definitive negative response is received.

When probing ports, you rely on responses to determine state. A TCP reset means the port is closed, and an ICMP Port Unreachable from a UDP probe also indicates a closed port. These definitive replies tell you immediately that the port isn’t open, so you don’t have to wait for a timeout to conclude its state. That lets the scan move on faster, reducing overall time.

The other options don’t fit because a reset or ICMP unreachable doesn’t encrypt results, doesn’t make the scan unable to proceed, and doesn’t imply immunity—just a closed port. The key benefit here is the ability to skip waiting for timeouts when a definitive negative response is received.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy