What describes the NULL scan and how would you effectively mitigate it?
A NULL scan attack consists of a series of packets that have source port 0 and various destination ports set They can be minimized with SCREEN options, such as set security screen ids-option foo tcp-no-null and udp-no-null.
A NULLscanattackisanattacktargetingportOoftheremotedevice’sTCP/IPstack.set security idp sensor-configuration flow no-allow-tcp-without-flow.
A NULL scan attack uses packets with no flags set and you can minimize it with SCREEN options, set screen ids-option foo tcp tcp-no-flag.
A NULL attack is making use of UDP packets that just contain "0" characters in their payload; a stateless firewall filter can help to mitigate this attack.