Which scan type is described as SYN/Stealth/Half Open Scan, with an initial SYN flag?

Prepare for the Nmap and ZenMap Tests. Access flashcards and multiple choice questions, with hints and explanations for each question. Ensure success in your exam!

Multiple Choice

Which scan type is described as SYN/Stealth/Half Open Scan, with an initial SYN flag?

Explanation:
This describes the SYN scan, which is often called stealth or half-open because it starts a connection without completing it. It sends a TCP packet with the SYN flag to each target port to probe its state. If a port is open, the host responds with SYN-ACK, and the scanner immediately sends a RST to tear down the connection instead of finishing the three-way handshake. If a port is closed, the host replies with RST, and if the port is filtered, there may be no reply at all. The key point is that only the initial SYN is sent to start the interaction, keeping the connection “half-open” and making it less likely to be fully logged by some systems. Other scan types don’t use this initial SYN handshake: OS detection probes in other ways to fingerprint the host, a ping scan just checks whether a host is up, and an RPC-focused scan targets RPC services rather than initiating a stealth half-open connection.

