Certified Ethical Hacker (CEH) — Question 21

If there is an Intrusion Detection System (IDS) in intranet, which port scanning technique cannot be used?

Answer options

• A. Spoof Scan
• B. TCP Connect scan
• C. TCP SYN
• D. Idle Scan

Correct answer: B

Explanation

The TCP Connect scan is detectable by an IDS because it completes the TCP handshake, making it easy to identify the connection attempts. In contrast, techniques like Spoof Scan, TCP SYN, and Idle Scan can be more covert, allowing them to evade detection by an IDS.