Exam PT0-001 topic 1 question 121 discussion

-Pn flag treats the host as online.

aaaaaaaaaa

If it isn't about the wrong spelling of the IP address in the answer it could be A as well

looks good to me

Can only be A: B:) you specifie -p switch but you are not speciefiing ports ... so nothing so scan .. c.) Wrong iP Range d.) wrong command line ... options (t4) go first ... last ist the garget list . Using the -Pn and -sT Options is even a good idea: Because you can disable ping on a Network device and still provide SMB/SSH or whatever you like. so treating every host as up and scanning all ports is a good idea if the range is small. Also doing a full 3way handshake -sT will give you more details.

A. nmap -Pn -sS <target> When ICMP is blocked to hosts, a tester will need to disable ping checks to force Nmap to scan the targets. The -Pn flag tells Nmap not to attempt to ping a host before scanning. This will take longer for hosts that are down, as subsequent requests to nonexistent services will have to time out. This scan is typically coupled with a port list in order to limit the number of ports attempted and expedite the scan as much as possible. Output will typically be identical with or without ping enabled. In verbose mode, an additional line will indicate whether an ARP or ICMP scan has taken place when ping is enabled.

Question is stating that the attacker is scanning the network FOR hosts that are in scope. A - No good because the -Pn switch will list all hosts 1-125 as up even if they are not. B - The -p switch is called but no port listed so this will not execute. C - The -oA tag needs to have a name after it to declare the file name D - Only one that works properly even though -T4 isn't ideal if the attacker is trying to be stealthy.

I would go for B. - FIN Scan (-sF) "Sometimes a normal TCP SYN scan is not the best solution because of the firewall. IDS and IPS scans might be deployed on the target machine, but a firewall will usually block the SYN packets. A FIN scan (-sF) sends the packet only set with a FIN flag, so it is not required to complete the TCP handshaking." https://resources.infosecinstitute.com/nmap/#gref