Null Scan: Which scan sends a packet with no flags set?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the Nmap and ZenMap Tests. Access flashcards and multiple choice questions, with hints and explanations for each question. Ensure success in your exam!

Multiple Choice

Null Scan: Which scan sends a packet with no flags set?

Explanation:
The key idea is how TCP flags shape the probe and the target’s response. A Null scan sends a TCP segment with no flags set at all. In Nmap this is performed with the flag -sN. Because there are no flags, many TCP stacks treat the packet as invalid and will reply with a RST for closed ports, or simply ignore it for open or filtered ports, which helps differentiate states in some environments. In contrast: - The ACK scan uses packets with only the ACK flag set to probe how a host responds to acknowledged packets, revealing filtering behavior. - The Xmas scan sets multiple flags (FIN, PSH, URG) to create a so-called “Xmas tree” packet, and the responses differ by OS and state. - The Idle scan leverages a zombie host to infer port state through timing/IPID behavior rather than relying on a specific flag pattern in the probe. So, the scan that sends a packet with no flags is the one invoked with -sN.

The key idea is how TCP flags shape the probe and the target’s response. A Null scan sends a TCP segment with no flags set at all. In Nmap this is performed with the flag -sN. Because there are no flags, many TCP stacks treat the packet as invalid and will reply with a RST for closed ports, or simply ignore it for open or filtered ports, which helps differentiate states in some environments.

In contrast:

  • The ACK scan uses packets with only the ACK flag set to probe how a host responds to acknowledged packets, revealing filtering behavior.

  • The Xmas scan sets multiple flags (FIN, PSH, URG) to create a so-called “Xmas tree” packet, and the responses differ by OS and state.

  • The Idle scan leverages a zombie host to infer port state through timing/IPID behavior rather than relying on a specific flag pattern in the probe.

So, the scan that sends a packet with no flags is the one invoked with -sN.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy