Certified Ethical Hacker (CEH v12) — Question 245

Which Nmap switch helps evade IDS or firewalls?

Answer options

• A. -D
• B. -n/-R
• C. -T
• D. -oN/-oX/-oG

Correct answer: A

Explanation

The correct answer is A, -D, which enables decoy scanning to obscure the source of the scan from intrusion detection systems. The other options serve different purposes, such as resolving DNS names (-n/-R), setting timing templates (-T), or outputting scan results in various formats (-oN/-oX/-oG), but do not specifically aim to evade detection.