Certified Ethical Hacker (CEH v12) — Question 11

While performing an Nmap scan against a host, Paola determines the existence of a firewall.
In an attempt to determine whether the firewall is stateful or stateless, which of the following options would be best to use?

Answer options

• A. -sA
• B. -sX
• C. -sT
• D. -sF

Correct answer: A

Explanation

The correct option, -sA, performs an ACK scan which helps determine the state of the firewall by sending TCP ACK packets. This allows Paola to see if the firewall is keeping track of connection states. The other options, such as -sX (Xmas scan), -sT (TCP connect scan), and -sF (FIN scan), do not specifically indicate stateful versus stateless behavior.