Certified Ethical Hacker (CEH v10) — Question 36

You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?

Answer options

• A. nmap -A - Pn
• B. nmap -sP -p-65535 -T5
• C. nmap -sT -O -T0
• D. nmap -A --host-timeout 99 -T1

Correct answer: C

Explanation

The correct answer, C, uses the -T0 option to slow down the scan, making it less likely to be detected by IDS. Options A and D are more aggressive and could generate more noise, while option B performs a scan of all ports with a high speed setting, which is not stealthy.