CompTIA PenTest+ (PT1-002) — Question 11
A security professional wants to test an IoT device by sending an invalid packet to a proprietary service listening on TCP port 3011. Which of the following would allow the security professional to easily and programmatically manipulate the TCP header length and checksum using arbitrary numbers and to observe how the proprietary service responds?
Answer options
- A. Nmap
- B. tcpdump
- C. Scapy
- D. hping3
Correct answer: C
Explanation
Scapy is designed for packet manipulation and allows users to easily craft packets with custom TCP header lengths and checksums, making it ideal for this scenario. While hping3 can also manipulate packets, it is less flexible than Scapy in terms of custom packet crafting. Nmap is primarily a network scanner, and tcpdump is used for packet capturing; neither is suited for programmatic packet creation and manipulation.