Computer Hacking Forensic Investigator (CHFI v10) — Question 46
Michael works for Kimball Construction Company as senior security analyst. As part of yearly security audit, Michael scans his network for vulnerabilities. Using
Nmap, Michael conducts XMAS scan and most of the ports scanned do not give a response. In what state are these ports?
Answer options
- A. Closed
- B. Open
- C. Stealth
- D. Filtered
Correct answer: B
Explanation
The correct answer is B, Open, because an XMAS scan sends packets with the FIN, URG, and PSH flags set. If a port is open, it responds to the scan. The other options are incorrect; Closed ports do not respond at all, Stealth indicates that a port is not responding to probes, and Filtered ports are protected by a firewall or filtering device, which also prevents responses.