Which NMAP option performs a host discovery sweep to identify live hosts?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which NMAP option performs a host discovery sweep to identify live hosts?

Explanation:
Nmap’s host discovery is about determining which targets are live before doing deeper scans. The ping sweep option is designed for this purpose: it sends probe requests (such as ICMP echo, and on some networks ARP checks) to a range of addresses and reports which hosts respond, marking them as up. This helps you map the network quickly without touching ports on every host. The other methods focus on port or service analysis rather than simply identifying live hosts. A SYN scan targets and probes ports to see what’s open, which can indirectly reveal a live host but isn’t a pure discovery step. OS detection uses crafted probes to fingerprint the device’s operating system, which also requires hosts to be reachable but isn’t intended to discover who’s up. UDP scanning checks UDP ports, again primarily for port/service information rather than discovering live hosts. Historically, the ping sweep option is the classic host discovery tool (in modern usage often replaced by a no-port-scan flag, but conceptually the same), making it the best fit for identifying live hosts.

Nmap’s host discovery is about determining which targets are live before doing deeper scans. The ping sweep option is designed for this purpose: it sends probe requests (such as ICMP echo, and on some networks ARP checks) to a range of addresses and reports which hosts respond, marking them as up. This helps you map the network quickly without touching ports on every host.

The other methods focus on port or service analysis rather than simply identifying live hosts. A SYN scan targets and probes ports to see what’s open, which can indirectly reveal a live host but isn’t a pure discovery step. OS detection uses crafted probes to fingerprint the device’s operating system, which also requires hosts to be reachable but isn’t intended to discover who’s up. UDP scanning checks UDP ports, again primarily for port/service information rather than discovering live hosts.

Historically, the ping sweep option is the classic host discovery tool (in modern usage often replaced by a no-port-scan flag, but conceptually the same), making it the best fit for identifying live hosts.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy