Which scanning method is described as using a spoofed source address to discover available services?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which scanning method is described as using a spoofed source address to discover available services?

Explanation:
This question centers on how crafted TCP probes and IP spoofing are used to map out what services are visible on a host. The window-based ACK flag probe scanning approach uses specially crafted TCP ACK packets with a spoofed source address to provoke responses that reveal port status. By sending ACKs (rather than completing a three-way handshake) and observing the TCP window size in the replies (or the lack of a reply), an attacker can infer whether a port is open, closed, or filtered. Spoofing the source means the responses are sent to a different address, helping to stay anonymous and circumvent some logging or filtering, while still letting the scanner deduce which services are reachable behind the firewall.

Other methods described involve different mechanisms for gathering state. An Xmas scan sends packets with multiple flags set to probe stealthily but isn’t defined by spoofed source behavior and focuses on how open/closed ports respond to such unusual flag combinations. An inverse TCP flag scan relies on unusual flag usage to infer port state, not specifically on spoofed addresses. SCTP refers to scanning in the context of the SCTP protocol rather than the TCP flag-based probing described here.
