ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v13 All Questions

View all questions & answers for the 312-50v13 exam
Go to Exam

Exam 312-50v13 topic 1 question 230 discussion

Actual exam question from ECCouncil's 312-50v13
Question #: 230
Topic #: 1
[All 312-50v13 Questions]

Consider a scenario where a Certified Ethical Hacker is attempting to infiltrate a company's network without being detected. The hacker intends to use a stealth scan on a BSD-derived TCP/IP stack, but he suspects that the network security devices may be able to detect SYN packets. Based on this information, which of the following methods should he use to bypass the detection mechanisms and why?

  • A. Maimon Scan, because it is very similar to NULL, FIN, and Xmas scans, but the probe used here is FIN/ACK
  • B. Xmas Scan, because it can pass through filters undetected, depending on the security mechanisms installed
  • C. TCP Connect/Full-Open Scan, because it completes a three-way handshake with the target machine
  • D. ACK Flag Probe Scan, because it exploits the vulnerabilities within the BSD-derived TCP/IP stack
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by MHafizC at Jan. 16, 2025, 3:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Dogeo
2 days, 5 hours ago
Selected Answer: D
The Maimon scan is often used to bypass firewalls by sending FIN/ACK packets, exploiting the way the BSD-derived TCP/IP stack handles these packets
upvoted 1 times
...
MHafizC
1 month ago
Selected Answer: D
ACK Flag Probe Scan
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago