Exam 312-50v11 topic 1 question 170 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 170
Topic #: 1

Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port scanning on a target host in the network. While performing the given task, Sam sends FIN/ACK probes and determines that an RST packet is sent in response by the target host, indicating that the port is closed.
What is the port scanning technique used by Sam to discover open ports?

  • A. Xmas scan
  • B. IDLE/IPID header scan
  • C. TCP Maimon scan
  • D. ACK flag probe scan
Suggested Answer: C

Comments

americaman80
Highly Voted 3 years, 6 months ago
C is the correct answer. Source: https://nmap.org/book/scan-methods-maimon-scan.html
upvoted 18 times
naveedsajjad
2 years, 8 months ago
C is a wrong answer https://nmap.org/book/scan-methods-maimon-scan.html The Maimon scan is named after its discoverer, Uriel Maimon. He described the technique in Phrack Magazine issue #49 (November 1996). Nmap, which included this technique, was released two issues later. This technique is exactly the same as NULL, FIN, and Xmas scan, except that the probe is FIN/ACK.
upvoted 2 times
Average_Joe
2 years, 6 months ago
Did you even read what you posted?
upvoted 18 times
...
blacksheep6r
Highly Voted 3 years ago
EC-Council v11 pg.309 TCP Maimon scan This scan technique is very similar to NULL, FIN, and Xmas scan, but the probe used here is FIN/ACK. In most cases, to determine if the port is open or closed, the RST packet should be generated as a response to a probe request. However, in many BSD systems, the port is open if the packet gets dropped in response to a probe. Nmap interprets a port as open|filtered when there is no response from the Maimon scan probe even after many retransmissions. The port is closed if the probe gets a response as an RST packet. The port is filtered when the ICMP unreachable error (type 3, code 1, 2, 3, 9, 10, or 13) is returned from the target host. In Zenmap, the -sM option is used to perform the TCP Maimon scan. Figure 3.45: TCP Maimon scan.
upvoted 14 times
nishu767
1 year, 3 months ago
As for TCP Maimon scan, if the port is "open or closed", the RST packet should be generated as a response to a probe request, and in the question, it is said only when the port is "closed".
upvoted 1 times
...
...
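Seen from the defending side, the FIN/ACK probe described in the comments above stands out because it arrives with no preceding handshake. The following is an added example, not part of the original discussion or the EC-Council material, that classifies handshake-less segments by flag combination; the packet tuples, addresses and the `min_ports` threshold are constructed assumptions.

```python
from collections import defaultdict

# TCP flag bits as laid out in the header's flags byte.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

# Flag combinations of the stateless scan types named in this thread.
PROBE_TYPES = {0: "NULL", FIN: "FIN", FIN | PSH | URG: "Xmas",
               FIN | ACK: "Maimon", ACK: "ACK"}

def detect_stateless_probes(packets, min_ports=3):
    """Return {(src, probe_type): sorted ports} for sources that sent
    scan-style segments to at least min_ports ports without a handshake.

    packets: iterable of (src, dst, dport, flags) in capture order.
    """
    handshakes = set()        # (src, dst, dport) directions opened by a SYN
    hits = defaultdict(set)   # (src, probe_type) -> destination ports
    for src, dst, dport, flags in packets:
        flow = (src, dst, dport)
        flags &= 0x3F         # ignore the ECN bits
        if flags & SYN:       # SYN and SYN/ACK each register their direction
            handshakes.add(flow)
            continue
        probe = PROBE_TYPES.get(flags)
        # FIN/ACK and ACK are normal inside an established connection,
        # so they only count when no SYN was seen for that direction.
        if probe and flow not in handshakes:
            hits[(src, probe)].add(dport)
    return {k: sorted(v) for k, v in hits.items() if len(v) >= min_ports}

# Constructed sample capture (documentation address ranges, hypothetical hosts).
CLIENT, SERVER, SCANNER = "198.51.100.5", "192.0.2.10", "203.0.113.66"
SAMPLE = [
    (CLIENT, SERVER, 443, SYN),
    (SERVER, CLIENT, 51000, SYN | ACK),
    (CLIENT, SERVER, 443, ACK),
    (CLIENT, SERVER, 443, FIN | ACK),     # normal teardown, not a probe
    (SERVER, CLIENT, 51000, FIN | ACK),
    (SCANNER, SERVER, 22, FIN | ACK),     # FIN/ACK with no handshake
    (SCANNER, SERVER, 80, FIN | ACK),
    (SCANNER, SERVER, 443, FIN | ACK),
    (SCANNER, SERVER, 8080, FIN | ACK),
    ("198.51.100.7", SERVER, 80, ACK),    # one stray ACK, below threshold
]

if __name__ == "__main__":
    print(detect_stateless_probes(SAMPLE))
```

The sensor is assumed to see both directions of each connection from its start; a capture that begins mid-connection would misread ordinary teardown segments as probes.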
Miracleam
Most Recent 2 weeks, 2 days ago
It is the TCP Maimon scan that uses FIN/ACK probe. The Ack flag probe scan uses Ack probe. Hence the Answer is C
upvoted 1 times
...
Vincent_Lu
1 year, 2 months ago
Selected Answer: C
https://nmap.org/book/scan-methods-maimon-scan.html TCP Maimon Scan (-sM) The Maimon scan is named after its discoverer, Uriel Maimon. He described the technique in Phrack Magazine issue #49 (November 1996). Nmap, which included this technique, was released two issues later. This technique is exactly the same as NULL, FIN, and Xmas scan, except that the probe is FIN/ACK. According to RFC 793 (TCP), a RST packet should be generated in response to such a probe whether the port is open or closed. However, Uriel noticed that many BSD-derived systems simply drop the packet if the port is open.
upvoted 1 times
...
victorfs
1 year, 5 months ago
Selected Answer: C
The correct option is C: tcp Maimon scan
upvoted 1 times
...
Bob_234
1 year, 7 months ago
Selected Answer: D
It is D because he sends an ACK first, that is inside an ACK flag probe scan. It can't be TCP Maimon scan, because the attacker will send a SYN first.
upvoted 1 times
...
Daniel8660
2 years ago
Selected Answer: C
TCP Maimon Scan - send FIN/ACK probes, and if there is no response the port is Open|Filtered; but if an RST packet is sent in response, then the port is closed. # Nmap -sM -v <target IP address> (P.309/293)
upvoted 6 times
...
sn30
2 years, 1 month ago
Selected Answer: C
Correct answer is C, Maimon attack. Known for making use of FIN/ACK flags
upvoted 1 times
...
tinkerer
2 years, 1 month ago
Selected Answer: C
Correct answer is C
upvoted 1 times
...
flinux
2 years, 1 month ago
Selected Answer: C
The answer is C
upvoted 1 times
...
Fedrehopsu
2 years, 2 months ago
Selected Answer: C
C is the answer
upvoted 1 times
...
cyberzzz
2 years, 5 months ago
Selected Answer: C
That's C for sure. FIN/ACK = Maimon
upvoted 2 times
...
andreigheorghiu
2 years, 7 months ago
Selected Answer: C
answer is C
upvoted 1 times
...
Qudaz
2 years, 8 months ago
Selected Answer: C
TCP Maimon Scan.
upvoted 1 times
...
APOLLO1113
2 years, 9 months ago
It says FIN/ACK, answer is TCP Maimon Scan
upvoted 1 times
...
egz21
2 years, 9 months ago
The correct answer is TCP-Maimon-Scan!!!
upvoted 1 times
...
cozy1970
2 years, 9 months ago
Selected Answer: C
C is correct. Maimon Scan.
upvoted 1 times
...