Which of the following steps are required in an idle scan of a closed port?

seenagapeJanuary 15, 2014

Which of the following steps are required in an idle scan of a closed port?
Each correct answer represents a part of the solution. Choose all that apply.

PrepAway - Latest Free Exam Questions & Answers

A.
The attacker sends a SYN/ACK to the zombie.

B.
The zombie’s IP ID increases by only 1.

C.
In response to the SYN, the target sends a RST.

D.
The zombie ignores the unsolicited RST, and the IP ID remains unchanged.

E.
The zombie’s IP ID increases by 2.

Explanation:
Following are the steps required in an idle scan of a closed port:
1.Probe the zombie’s IP ID: The attacker sends a SYN/ACK to the zombie. The zombie, unaware
of the SYN/ACK, sends back a RST, thus disclosing its IP ID.

2.Forge a SYN packet from the zombie: In response to the SYN, the target sends a RST. The
zombie ignores the unsolicited RST, and the IP ID remains unchanged.

3.Probe the zombie’s IP ID again: The zombie’s IP ID has increased by only 1 since step 1. So the
port is closed.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ECCouncil Exam Questions

Free EC-Council Study Guide

Which of the following steps are required in an idle scan of a closed port?

Leave a Reply Cancel reply