CompTIA PenTest+ (PT0-002) — Question 411

During a reconnaissance exercise, a penetration tester runs the following Nmap command:

nmap -sT -sV -T2 -p 1-65535 domain.com

After watching the scan run for more than two hours, the tester wants to optimize the full scan. Which of the following is the best way to speed up the scan?

Answer options

Correct answer: C

Explanation

Changing from -sT (TCP connect scan) to -sS (SYN scan) is more efficient because a SYN scan never completes the TCP three-way handshake: it sends a SYN and classifies the port from the SYN/ACK or RST that comes back, so each port probe needs fewer packets and fewer round trips than a full connect() call, which speeds up the scan. Scanning fewer ports (Option A) can help, but it does not optimize the current full scan of all 65,535 ports. Scanning via UDP (Option B) typically takes longer because UDP offers no reply for open ports and Nmap must wait out timeouts and retransmissions, and keeping the current scan timing (Option D) does nothing to speed up the scan.