You are having problems while retrieving results after performing port scanning during internal
testing. You verify that there are no security devices between you and the target system. When
both stealth and connect scanning do not work, you decide to perform a NULL scan with NMAP.
The first few systems scanned shows all ports open.
Which one of the following statements is probably true?

John has scanned the web server with NMAP. However, he could not gather enough information
to help him identify the operating system running on the remote host accurately.
What would you suggest to John to help identify the OS that is being used on the remote web
server?

An Nmap scan shows the following open ports, and nmap also reports that the OS guessing
results to match too many signatures hence it cannot reliably be identified:
21 ftp
23 telnet
80 http
443 https
What does this suggest?

What port scanning method involves sending spoofed packets to a target system and then looking
for adjustments to the IPID on a zombie system?

What port scanning method is the most reliable but also the most detectable?

What does an ICMP (Code 13) message normally indicates?

Because UDP is a connectionless protocol: (Select 2)

What ICMP message types are used by the ping command?

Which of the following systems would not respond correctly to an nmap XMAS scan?

Use the traceroute results shown above to answer the following question:

The perimeter security at targetcorp.com does not permit ICMP TTL-expired packets out.