Exam 312-50v12 topic 1 question 53 discussion

D. The -D flag Explanation: The scenario describes a specific condition for a penetration testing scan, where the tester is required to scan every port on a server several times using a set of spoofed source IP addresses. The tester is using Nmap to perform the scan and needs to know which flag to use to satisfy this requirement. The -D flag is used in Nmap to specify a decoy scan. A decoy scan involves sending packets with spoofed IP addresses in order to disguise the true source of the scan. This can be used to make it more difficult for network intrusion detection systems (NIDS) to detect the scan, as well as to confuse the target system about the true source of the traffic. To use the -D flag, the tester specifies a list of decoy IP addresses to be used in the scan. These decoy addresses will be interspersed with the true source IP address in the scan traffic.

The -D flag

D. The -D flag is the correct answer. Another correct answer would be the -S flag (Spoof Source Address), but the -S flag is not a listed option. So the -D flag that is listed is the correct answer. This was an exam question for me when I took the exam on 13 Dec 2023.

D. The -D flag

D. The -D flag

D. The -D flag -------------------------------- IP Address Decoy nmap -D a.a.a.a,b.b.b.b,c.c.c.c {Target IP} IP Address Spoofing nmap -S a.a.a.a {Target IP}

-D for decoy