Certified Ethical Hacker (CEH v11) — Question 38

You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?

Answer options

• A. nmap -A - Pn
• B. nmap -sP -p-65535 -T5
• C. nmap -sT -O -T0
• D. nmap -A --host-timeout 99 -T1

Correct answer: C

Explanation

The correct answer, C, uses the -T0 timing option, which is the slowest scan that helps avoid detection by an IDS. Options A, B, and D utilize faster timing templates or aggressive options that increase the likelihood of being detected by intrusion detection systems.