Certified Ethical Hacker (CEH v13) — Question 150

An ethical hacker is scanning a target network. They initiate a TCP connection by sending an SYN packet to a target machine and receiving a SYN/ACK packet in response. But instead of completing the three-way handshake with an ACK packet, they send an RST packet. What kind of scan is the ethical hacker likely performing and what is their goal?

Answer options

• A. They are performing an SYN scan to stealthily identify open ports without fully establishing a connection.
• B. They are performing a network scan to identify live hosts and their IP addresses.
• C. They are performing a TCP connect scan to identify open ports on the target machine.
• D. They are performing a vulnerability scan to identify any weaknesses in the target system.

Correct answer: A

Explanation

The correct answer is A because an SYN scan is designed to identify open ports without completing a full TCP handshake, allowing for stealthier reconnaissance. Option B describes a network scan, which does not specifically target port identification, while option C refers to a TCP connect scan that completes the handshake, and option D pertains to vulnerability scanning, which seeks to find security weaknesses rather than open ports.