Which flag corresponds to a SYN Scan?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which flag corresponds to a SYN Scan?

Explanation:
SYN scanning probes ports by sending a packet with only the SYN flag set, initiating a half-open connection. If a port is open, the target replies with SYN-ACK, and the scanner typically sends RST to avoid completing the three-way handshake. This keeps the scan fast and quieter on logs because it doesn’t establish a full connection. That’s why this technique is described as a SYN scan. The flag that triggers this behavior is the one that uses the SYN bit, which is why it’s the best answer here. The other options correspond to different scans: a full TCP connect scan completes the handshake (SYN, SYN-ACK, ACK); a Null scan sends no flags; an Xmas scan sends a combination of FIN, URG, and PSH flags.

SYN scanning probes ports by sending a packet with only the SYN flag set, initiating a half-open connection. If a port is open, the target replies with SYN-ACK, and the scanner typically sends RST to avoid completing the three-way handshake. This keeps the scan fast and quieter on logs because it doesn’t establish a full connection. That’s why this technique is described as a SYN scan. The flag that triggers this behavior is the one that uses the SYN bit, which is why it’s the best answer here. The other options correspond to different scans: a full TCP connect scan completes the handshake (SYN, SYN-ACK, ACK); a Null scan sends no flags; an Xmas scan sends a combination of FIN, URG, and PSH flags.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy