Certified Ethical Hacker (CEH v13) — Question 193
Techno Security Inc. recently hired John as a penetration tester. He was tasked with identifying open ports in the target network and determining whether the ports are online and whether any firewall rule sets are encountered.
John decided to perform a TCP SYN ping scan on the target network.
Which of the following Nmap commands must John use to perform the TCP SYN ping scan?
Answer options
- A. nmap -sn -PO < target IP address >
- B. nmap -sn -PS < target IP address >
- C. nmap -sn -PA < target IP address >
- D. nmap -sn -PP < target IP address >
Correct answer: B
Explanation
The correct answer is B, as the '-PS' flag in Nmap is specifically used for TCP SYN ping scans, allowing the tester to identify live hosts. Options A, C, and D utilize different types of ping scans that do not focus on TCP SYN, thus making them unsuitable for John's task.