Nmap Flashcards

1
Q

TCP SYN (-sS)

A

A fast technique, also called half-open scanning, because the scanning host requests a connection without acknowledging it. The target’s response to the scan’s SYN packet identifies the port state.

2
Q

TCP connect (-sT)

A

A half-open scan requires Nmap to have privileged access to the network driver to craft packets. If privileged access is unavailable, Nmap must use the OS to attempt a full TCP connection. This type of scan is less stealthy.

3
Q

TCP flags

A

You can scan by setting TCP header flags in unusual ways. A Null (-sN) scan sets all of the flag bits in the header to zero, a FIN (-sF) scan sends an unexpected FIN packet, and an Xmas scan (-sX) sets the FIN, PSH, and URG flags. This was a means of defeating early types of firewalls and IDS.

4
Q

UDP scans (-sU)

A

Scans UDP ports. As these do not use ACKs, Nmap needs to wait for a response or a timeout to determine the port state, so UDP scanning can take a long time. A UDP scan can be combined with a TCP scan.
