Certified Ethical Hacker (CEH v12) — Question 52
You are a penetration tester and are about to perform a scan on a specific server. The agreement that you signed with the client contains the following specific condition for the scan: “The attacker must scan every port on the server several times using a set of spoofed source IP addresses.” Suppose that you are using Nmap to perform this scan.
What flag will you use to satisfy this requirement?
Answer options
- A. The -g flag
- B. The -A flag
- C. The -f flag
- D. The -D flag
Correct answer: D
Explanation
The correct answer is D, as the -D flag in Nmap allows for decoy scanning, which enables the use of multiple spoofed source IP addresses while scanning. This is essential to meet the client's requirement of scanning with spoofed IPs. Options A, B, and C do not provide the necessary functionality for spoofing source IP addresses during the scan.