Exam 312-50v13 topic 1 question 147 discussion

Actual exam question from ECCouncil's 312-50v13
Question #: 147
Topic #: 1

During a red team assessment, a CEH is given a task to perform network scanning on the target network without revealing its IP address. They are also required to find an open port and the services available on the target machine. What scanning technique should they employ, and which command in Zenmap should they use?

  • A. Use SCTP INIT Scan with the command "-sY"
  • B. Use UDP Raw ICMP Port Unreachable Scanning with the command "-sU"
  • C. Use the ACK flag probe scanning technique with the command "-sA"
  • D. Use the IDLE/IPID header scan technique with the command "-sI"
Suggested Answer: D

Comments

91a0021
1 month, 3 weeks ago
Selected Answer: D
IDLE Scan (-sI) is a stealthy scanning technique that allows an attacker to scan a target network without revealing their own IP address. It uses a "zombie" host (an idle system) to relay the scan, making it appear as if the scan is originating from the zombie rather than the attacker. It does not send packets directly from the attacker's machine, thus providing complete anonymity. It can detect open ports and services without being easily detected by intrusion detection systems (IDS).
upvoted 2 times
Dogeo
1 month, 3 weeks ago
Selected Answer: D
The IDLE/IPID header scan technique (-sI) is the best option for performing a network scan while keeping the attacker's IP address hidden. It is specifically designed for stealth and is the most appropriate choice for this red team task.
upvoted 2 times
pindinga1
2 months, 2 weeks ago
Selected Answer: D
D. Use the IDLE/IPID header scan technique with the command "-sI"
Explanation: The IDLE scan (-sI) is a stealthy scanning technique that allows a hacker to scan a target without revealing their own IP address. Instead, it leverages a "zombie" (an idle host with predictable IPID sequence numbers) to send packets on behalf of the attacker.
Why is this the best choice?
  • The attacker's IP address remains hidden because the "zombie" host is the one interacting with the target.
  • It provides open port detection while avoiding direct interaction with the target.
  • It is difficult to trace back to the attacker, making it useful for stealthy reconnaissance in a red team assessment.
upvoted 3 times
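
Added example, not part of the original discussion and not Nmap's own code: the comments above note that an idle scan relies on a zombie with predictable IPID sequence numbers, so a defender can check IP ID values sampled from hosts they administer for that property. The classifier is a simplified heuristic; the host names, sample values and the `max_step` threshold are constructed assumptions.

```python
MOD = 1 << 16  # the IPv4 Identification field is 16 bits wide


def deltas(ids):
    """Forward differences between consecutive IP IDs, modulo 2^16 (handles wraparound)."""
    return [(b - a) % MOD for a, b in zip(ids, ids[1:])]


def byteswap(v):
    """Swap the two bytes of a 16-bit value (counter kept in little-endian order)."""
    return ((v & 0xFF) << 8) | (v >> 8)


def classify_ipid(ids, max_step=10):
    """Return a coarse label for a sequence of IP ID values seen from one host."""
    if len(ids) < 3:
        raise ValueError("need at least 3 samples")
    if all(v == 0 for v in ids):
        return "all-zero"
    if len(set(ids)) == 1:
        return "constant"
    if all(0 < d <= max_step for d in deltas(ids)):
        return "incremental"
    if all(0 < d <= max_step for d in deltas([byteswap(v) for v in ids])):
        return "incremental-byteswapped"
    return "unpredictable"


def zombie_risk(ids):
    """True when the counter is predictable enough for the host to be abused as a zombie."""
    return classify_ipid(ids).startswith("incremental")


# Constructed sample data: IP IDs from successive replies of four hypothetical hosts.
SAMPLES = {
    "printer-01": [65533, 65534, 65535, 0, 1, 2],      # global counter, wraps at 2^16
    "plc-07": [0x0100, 0x0200, 0x0300, 0x0400],        # counter stored byte-swapped
    "web-02": [0, 0, 0, 0],
    "fw-01": [41822, 907, 60211, 18345, 33002],
}


def audit(samples=SAMPLES):
    """Map each host to (label, needs_review)."""
    return {h: (classify_ipid(ids), zombie_risk(ids)) for h, ids in samples.items()}


if __name__ == "__main__":
    for host, (label, risky) in audit().items():
        print(f"{host:12} {label:24} {'REVIEW' if risky else 'ok'}")
```

Hosts flagged for review expose a shared, steadily increasing IP ID counter; where the platform offers randomized or per-flow IP IDs, enabling that removes the property an idle scan depends on.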