Which flag invokes TCP connect scan in Nmap?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which flag invokes TCP connect scan in Nmap?

Explanation:
The idea being tested is how Nmap can perform a TCP connect scan by using the host’s TCP stack to complete the handshake. When you specify this mode, Nmap asks the OS to do a full TCP connect() to each target port. If a port is open, the three-way handshake completes and Nmap immediately closes the connection; if it’s closed, the handshake fails and Nmap notes the state. This approach doesn’t require raw sockets and is less stealthy than raw-packet scans, but it’s straightforward and reliable when you don’t have privileges to craft raw packets. The flag that triggers this behavior is the one that tells Nmap to use the connect() method, i.e., -sT.

The idea being tested is how Nmap can perform a TCP connect scan by using the host’s TCP stack to complete the handshake. When you specify this mode, Nmap asks the OS to do a full TCP connect() to each target port. If a port is open, the three-way handshake completes and Nmap immediately closes the connection; if it’s closed, the handshake fails and Nmap notes the state. This approach doesn’t require raw sockets and is less stealthy than raw-packet scans, but it’s straightforward and reliable when you don’t have privileges to craft raw packets. The flag that triggers this behavior is the one that tells Nmap to use the connect() method, i.e., -sT.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy