Exam 312-50 topic 4 question 20 discussion

-sO shows not port numbers but protocol numbers. User is not able to find our what PORTS are Open/Closed from nmap output that with -sO becasue it will shown protocol numbers only. Correct answer is "C" of course it not perfect answer bacuse it will show only open ports for TCP not for UDP. So the opetions vs the question do not match perfectly.

-sO is protocol can not port

C. -sS (TCP SYN Scan)

NMAP switch "-sS" (Option C), which stands for "TCP SYN scan". This is one of the most popular and widely used NMAP scan techniques that sends SYN packets to each target port, and waits for a response from the target. This can help the hacker identify which ports are open and accepting connections. Option A (-sO) is an IP protocol scan that can be used to identify which IP protocols are supported by the target system. Option B (-sP) is a "ping" or "host discovery" scan that can be used to identify which hosts are up and responding to network traffic. Option D (-sU) is a UDP scan that can be used to identify which UDP ports are open and accepting connections.

The correct answer is -sS, i confirmed it using nmap. -sO is IP protocol scan, tells you if icmp is open

A. -sO is correct answer.

A is a good answer -sO: IP Protocal scan -sP: Ping sweep scan -sS: stealth scan -sU: UDP scan

Isn't C correct? -sO is protocol scan, it does not scan for ports!

I suppose C is correct https://nmap.org/book/scan-methods-ip-protocol-scan.html