CompTIA PenTest+ (PT0-002) — Question 84

An assessor wants to use Nmap to help map out a stateful firewall rule set. Which of the following scans will the assessor MOST likely run?

Answer options

• A. nmap -sA 192.168.0.1/24
• B. nmap -sS 192.168.0.1/24
• C. nmap -oG 192.168.0.1/24
• D. nmap 192.168.0.1/24

Correct answer: A

Explanation

The correct option, A, uses the -sA flag to perform an ACK scan, which is effective for mapping firewall rules by identifying open ports without establishing a full connection. Option B performs a SYN scan, which is stealthier but less informative about stateful rules. Option C simply outputs the scan results in a grepable format, and option D performs a basic scan without any specific flags, making them less suitable for the intended analysis.