GIAC Certified Incident Handler (GCIH) — Question 42

Which is the normal response from live hosts to the discovery packets sent during a default Nmap sweep?

Answer options

• A. SYN-ACK packet
• B. FIN packet
• C. SYN packet
• D. ICMP Timestamp request

Correct answer: A

Explanation

The correct response from live hosts to Nmap's discovery packets is a SYN-ACK packet, indicating that the host is alive and ready to communicate. A FIN packet signifies the end of a connection, a SYN packet is part of the connection initiation process, and an ICMP Timestamp request is not a standard response to Nmap discovery packets.