CompTIA PenTest+ (PT0-002) — Question 41

A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011. Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds?

Answer options

Correct answer: C

Explanation

Scapy is the correct choice because it lets the tester create, modify, and send packets programmatically, setting the TCP header length and checksum to arbitrary values and observing how the service responds. Nmap is primarily a network scanning tool, and tcpdump is used for packet capture and analysis. hping3 is useful for crafting packets but does not offer the same level of programmability and flexibility as Scapy.