Certified Ethical Hacker (CEH v12) — Question 195

An ethical hacker is scanning a target network. They initiate a TCP connection by sending an SYN packet to a target machine and receiving a SYN/ACK packet in response. But instead of completing the three-way handshake with an ACK packet, they send an RST packet. What kind of scan is the ethical hacker likely performing and what is their goal?

Answer options

• A. They are performing an SYN scan to stealthily identify open ports without fully establishing a connection.
• B. They are performing a network scan to identify live hosts and their IP addresses.
• C. They are performing a TCP connect scan to identify open ports on the target machine.
• D. They are performing a vulnerability scan to identify any weaknesses in the target system.

Correct answer: A

Explanation

The correct answer is A because an SYN scan sends an SYN packet and listens for responses without completing the handshake, making it less detectable. Option B does not match the specific action of scanning ports, while option C involves a full connection which is not the case here, and option D focuses on identifying vulnerabilities rather than detecting open ports.