Why would a penetration tester use the nmap -sF command?
- when a TCP SYN scan is detected by a network filter or firewall
- when the tester wants to conclude the scan
- when a TCP SYN scan reports more than one open port
- when the tester needs to time stamp the scan
Explanation: When a network filter or firewall detects a TCP SYN scan, a TCP FIN scan will send a FIN packet to a target port. TCP FIN packets are typically allowed through firewalls and filters.
Exam with this question: 3.5.3 Quiz - Information Gathering and Vulnerability Scanning Answers
Please login or Register to submit your answer