Certified Ethical Hacker (CEH v10) — Question 25

If there is an Intrusion Detection System (IDS) in intranet, which port scanning technique cannot be used?

Answer options

• A. Spoof Scan
• B. TCP SYN
• C. TCP Connect scan
• D. Idle scan

Correct answer: B

Explanation

The TCP SYN scan is detectable by an IDS because it establishes a half-open connection that can be logged. In contrast, methods like Spoof Scan, TCP Connect scan, and Idle scan can bypass detection by not completing the full connection process or by using spoofed packets.