What type of scan is Cindy attempting here?

Cindy is the network security administrator for her company. She just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats, many of which she did not know of. She is worried about the current security state of her company’s network, so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs respond with a SYN/ACK response. Before the connection is established, she sends RST packets to those hosts to stop the session. She has done this to see how her intrusion detection system will log the traffic.

What type of scan is Cindy attempting here?
A. The type of scan she is using is called a NULL scan.
B. Cindy is using a half-open scan to find live hosts on her network.
C. Cindy is attempting to find live hosts on her company’s network by using an XMAS scan.
D. She is utilizing a RST scan to find live hosts that are listening on her network.

Answer: B

Explanation:

The technique Cindy is using is known as a half-open scan, or SYN scan. This method involves sending SYN packets, which are the initial step in establishing a TCP connection, to various hosts to determine if the ports are listening. If a host responds with a SYN/ACK, it indicates that the port is open and ready to establish a connection. Cindy then sends an RST packet to terminate the session before the connection is fully established. This type of scan is useful for mapping out live hosts on a network without completing the TCP three-way handshake, thus avoiding the creation of a full connection and reducing the likelihood of detection by intrusion detection systems.

Reference: The information about half-open scans can be found in various security resources and aligns with the EC-Council’s Network Defender (CND) objectives. It is a common technique discussed in network security literature for its efficiency and stealth.
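How an IDS or a log-review script could recognise the SYN, SYN/ACK, RST pattern described in the explanation and tell it apart from a completed handshake. This is an added example, not part of the original question; the packet records, addresses, function names and the threshold of 2 are constructed for illustration.

```python
from collections import Counter

# Constructed capture (src, sport, dst, dport, flags); documentation addresses only.
PACKETS = [
    ("198.51.100.7", 40001, "192.0.2.10", 80, "S"),   # probe, port open
    ("192.0.2.10", 80, "198.51.100.7", 40001, "SA"),
    ("198.51.100.7", 40001, "192.0.2.10", 80, "R"),   # torn down before ACK
    ("198.51.100.7", 40002, "192.0.2.11", 80, "S"),   # probe, port open
    ("192.0.2.11", 80, "198.51.100.7", 40002, "SA"),
    ("198.51.100.7", 40002, "192.0.2.11", 80, "R"),
    ("198.51.100.7", 40003, "192.0.2.12", 80, "S"),   # probe, port closed
    ("192.0.2.12", 80, "198.51.100.7", 40003, "RA"),
    ("203.0.113.5", 51000, "192.0.2.10", 443, "S"),   # ordinary client
    ("192.0.2.10", 443, "203.0.113.5", 51000, "SA"),
    ("203.0.113.5", 51000, "192.0.2.10", 443, "A"),
]

def verdict(events):
    """Label one flow from its (direction, flags) events after the opening SYN."""
    if not events:
        return "no-reply"
    if events[0] != ("server", "SA"):
        return "closed" if events[0][0] == "server" and "R" in events[0][1] else "other"
    if len(events) == 1:
        return "incomplete"
    side, flags = events[1]
    if side == "client" and "R" in flags:
        return "half-open"          # SYN, SYN/ACK, RST: handshake never finished
    return "established" if (side, flags) == ("client", "A") else "other"

def classify_flows(packets):
    """Group packets into flows keyed by the SYN sender and label each flow."""
    flows = {}
    for src, sport, dst, dport, flags in packets:
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if fwd in flows:
            flows[fwd].append(("client", flags))
        elif rev in flows:
            flows[rev].append(("server", flags))
        elif flags == "S":
            flows[fwd] = []         # a bare SYN opens a new flow
    return {key: verdict(ev) for key, ev in flows.items()}

def half_open_sources(packets, threshold=2):
    """Sources with at least `threshold` half-open flows (threshold is an assumed value)."""
    hits = Counter(k[0] for k, v in classify_flows(packets).items() if v == "half-open")
    return {src: n for src, n in hits.items() if n >= threshold}

if __name__ == "__main__":
    print(half_open_sources(PACKETS))
```

The ordinary client's flow ends in ACK and is labelled established, so only the source that repeatedly resets after SYN/ACK is reported.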
