Which flag performs a NULL scan?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which flag performs a NULL scan?

Explanation:
A NULL scan is done by sending a TCP packet with no flags set. In Nmap, this behavior is triggered with the -sN option. The way responses come back helps determine port state: typically, open ports don’t reply to the packet, while closed ports usually reply with a RST. Firewalls and intrusion detection systems can affect results, so NULL scans aren’t always conclusive, but they’re a distinctive method for probing without using any TCP flags. Other flag-based scans use different flag patterns (for example, a scan that sets multiple flags or a specific flag like FIN or ACK), which is what differentiates them from a NULL scan.

