How does the -D option implement decoy scans and what effect does that have on the target's logs?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the Nmap and ZenMap Tests. Access flashcards and multiple choice questions, with hints and explanations for each question. Ensure success in your exam!

Multiple Choice

How does the -D option implement decoy scans and what effect does that have on the target's logs?

Explanation:
Using decoys with this option adds spoofed source IPs to each probe alongside your real address. What the target sees in its logs are probes coming from several different IPs, not just one. That spreads the activity across multiple sources and makes it harder to link all the log entries to a single scanner, which is the main purpose of decoying. At the same time, the true initiating host can still be inferred by some systems from other signals like timing patterns or traffic behavior, so attribution isn’t guaranteed to be complete.

Using decoys with this option adds spoofed source IPs to each probe alongside your real address. What the target sees in its logs are probes coming from several different IPs, not just one. That spreads the activity across multiple sources and makes it harder to link all the log entries to a single scanner, which is the main purpose of decoying. At the same time, the true initiating host can still be inferred by some systems from other signals like timing patterns or traffic behavior, so attribution isn’t guaranteed to be complete.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy