Certified Ethical Hacker (CEH v13) — Question 79

You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?

Answer options

• A. nmap -A - Pn
• B. nmap -sP -p-65535 -T5
• C. nmap -sT -O -T0
• D. nmap -A --host-timeout 99 -T1

Correct answer: C

Explanation

The correct answer, C, uses the -T0 option, which is the slowest timing template, helping to minimize noise and evade IDS. Option A is aggressive and likely to generate more noise, while B employs a fast timing option (T5) that increases detection risk. Option D, although using a timeout, still includes an aggressive scan type that could be more detectable.