Certified Ethical Hacker (CEH v12) — Question 198

During a penetration testing assignment, a Certified Ethical Hacker (CEH) used a set of scanning tools to create a profile of the target organization. The CEH wanted to scan for live hosts, open ports, and services on a target network. He used Nmap for network inventory and Hping3 for network security auditing. However, he wanted to spoof IP addresses for anonymity during probing. Which command should the CEH use to perform this task?

Answer options

• A. Hping3 -1 10.0.0.25 -ICMP
• B. Hping3 -2 10.0.0.25-p 80
• C. Nmap -sS -Pn -n -vw --packet-trace -p- --script discovery -T4
• D. Hping3 -S 192.168.1.1 -a 192.168.1.254 -p 22 --flood

Correct answer: D

Explanation

The correct answer is D because it uses the -a flag to spoof the IP address (192.168.1.254) while sending SYN packets to the target (192.168.1.1) on port 22. Options A and B do not include any IP address spoofing and serve different purposes, while option C focuses on network scanning without address spoofing.