Certified Ethical Hacker (CEH v10) — Question 96
An attacker is using nmap to perform a ping sweep and a port scan on a subnet of 254 addresses.
In which order should he perform these steps?
Answer options
- A. The sequence does not matter. Both steps have to be performed against all hosts.
- B. First the port scan to identify interesting services and then the ping sweep to find hosts responding to ICMP echo requests.
- C. First the ping sweep to identify live hosts and then the port scan on the live hosts. This way he saves time.
- D. The port scan alone is adequate. This way he saves time.
Correct answer: C
Explanation
The correct answer is C because performing a ping sweep first identifies which hosts are live, so the port scan only has to run against those hosts rather than all 254 addresses, which makes the process more efficient. Option A is incorrect because the order does matter for efficiency. Option B is wrong because it starts with the port scan, which is less efficient. Option D is incorrect because it overlooks the importance of identifying live hosts before scanning for open ports.