Certified Ethical Hacker (CEH v11) — Question 283
While performing an Nmap scan against a host, Paola determines the existence of a firewall.
In an attempt to determine whether the firewall is stateful or stateless, which of the following options would be best to use?
Answer options
- A. -sA
- B. -sX
- C. -sT
- D. -sF
Correct answer: A
Explanation
The best option to determine whether a firewall is stateful or stateless is -sA, which performs an ACK scan. This method can help identify the type of filtering in place. The other options, such as -sX (Xmas scan), -sT (TCP connect scan), and -sF (FIN scan), do not provide the necessary insights into the state of the firewall.