Certified Ethical Hacker (CEH v13) — Question 93
You are a penetration tester and are about to perform a scan on a specific server. The agreement that you signed with the client contains the following specific condition for the scan: “The attacker must scan every port on the server several times using a set of spoofed source IP addresses.” Suppose that you are using Nmap to perform this scan.
What flag will you use to satisfy this requirement?
Answer options
- A. The -g flag
- B. The -A flag
- C. The -f flag
- D. The -D flag
Correct answer: D
Explanation
The -D flag in Nmap allows you to perform a decoy scan, which can help in spoofing the source IP addresses by using multiple decoy addresses. This is essential for the specified requirement to scan using spoofed IPs. The other flags, -g, -A, and -f, serve different purposes: -g is for specifying a source port, -A enables OS detection and version detection, and -f is for fragmenting packets, none of which fulfill the requirement for spoofing IP addresses.