CompTIA PenTest+ (PT0-002) — Question 39
A penetration tester has been given an assignment to attack a series of targets in the 192.168.1.0/24 range, triggering as few alarms and countermeasures as possible.
Which of the following Nmap scan syntaxes would BEST accomplish this objective?
Answer options
- A. nmap -sT -vvv -O 192.168.1.2/24 -PO
- B. nmap -sV 192.168.1.2/24 -PO
- C. nmap -sA -v -O 192.168.1.2/24
- D. nmap -sS -O 192.168.1.2/24 -T1
Correct answer: D
Explanation
The correct answer, D, uses a stealth SYN scan, which is less likely to trigger alarms than the other scan types. Options A and C use a connect scan and an ACK scan respectively, which are more detectable. Option B employs service version detection, which increases the likelihood of being noticed by security measures.