Question

Which nmap scan is a slow scan to avoid detection?

Option 1: nmap -sS -PT -PI -O -T1
Option 2: nmap -sP
Option 3: nmap -sS -O
Option 4: nmap -sS

Answer 1

Option 1: nmap -sS -PT -PI -O -T1 is the slow scan designed to avoid detection, employing a stealthy approach with the slowest possible timing to reduce the chances of triggering intrusion detection systems.

Step-by-step explanation:

Among the listed options, the nmap command that represents a slower scanning technique to avoid detection is:

Option 1: nmap -sS -PT -PI -O -T1

This command uses a stealthy SYN scan (-sS), along with TCP ACK ping (-PT) and ICMP echo ping probes (-PI) to determine which hosts are up. It performs operating system detection (-O) and uses timing template (-T1) which is the slowest option available, thereby reducing the scan speed to avoid intrusion detection systems (IDS). Options 2, 3, and 4 are faster scans and are not specifically constructed to be slow like Option 1.