Certified Ethical Hacker (CEH v11) — Question 352

Which Nmap switch helps evade IDS or firewalls?

Answer options

• A. -D
• B. -n/-R
• C. -T
• D. -oN/-oX/-oG

Correct answer: A

Explanation

The correct answer is A, -D, which enables decoy scanning to obscure the source of the Nmap scan, making it harder for IDS or firewalls to detect the true origin. The other options do not provide the same level of stealth; -n/-R is for DNS resolution, -T adjusts timing templates, and -oN/-oX/-oG are for output formats, none of which help in evading detection.