Question

SS is the original Nmap "stealth" scan. It sends a TCP SYN, and if the target responds with a SYN ACK it does not complete the handshake but instead sends a RST.

a) True
b) False

Answer 1

The statement regarding the Nmap 'stealth' scan is true. The SYN scan sends a SYN packet and responds with an RST after receiving a SYN ACK, keeping the scan discreet and less likely to be detected.

Step-by-step explanation:

The statement about the Nmap 'stealth' scan is true. The original stealth scan, known as the SYN scan or sS scan, operates by sending a TCP SYN packet to the target. If the target responds with a SYN ACK signal, indicating that it is listening and open to starting a TCP session, the scanner does not proceed with the standard TCP handshake. Instead, it sends a TCP RST (reset) packet to close the session prematurely, avoiding the completion of a full connection and thus reducing the chance of being logged by the target system's firewall or intrusion detection system (IDS). This method helps keep the scan discreet.