Certified Ethical Hacker (CEH v13) — Question 288

A Certified Ethical Hacker (CEH) is analyzing a target network. To do this, he decides to utilize an IDLE/IPID header scan using Nmap. The network analysis reveals that the IPID number increases by 2 after following the steps of an IDLE scan. Based on this information, what can the CEH conclude about the target network?

Answer options

• A. The ports on the target network are open
• B. The target network has no firewall present
• C. The ports on the target network are closed
• D. The target network has a stateful firewall present

Correct answer: A

Explanation

The correct answer is A, as an increase in the IPID number during an IDLE scan indicates that the targeted ports are responding, suggesting they are open. Options B and D are incorrect because the presence of a firewall would typically prevent the IDLE scan from functioning properly. Option C is also wrong because closed ports would not cause an increase in the IPID number.