How can you limit a scan's total time per host using --host-timeout, and why is this useful for large networks?

• A. It controls the number of hosts scanned per minute.
• B. It limits the overall duration of the entire scan across all hosts.
• C. Use --host-timeout <time> to abort a host’s scan after the specified duration.
• D. It sets a per-host timeout for the host's attempt to connect.

Answer: (C)

The main idea being tested is that the host timeout sets a cap on how long Nmap will spend scanning each individual host. With --host-timeout <time>, Nmap will abort the scan for a host once that duration has elapsed and then move on to the next host. This keeps a large scan from getting bogged down by slow or unresponsive hosts, giving you a predictable total duration and better control over resources.

This behavior matches the description of aborting a host’s scan after the specified duration. It’s not about limiting how many hosts per minute, nor about capping the entire scan’s duration across all hosts. It’s also more than just the connect phase; the timeout applies to the per-host process as a whole, including discovery and any probing, so a slow host won’t stall the rest of the scan.

The main idea being tested is that the host timeout sets a cap on how long Nmap will spend scanning each individual host. With --host-timeout , Nmap will abort the scan for a host once that duration has elapsed and then move on to the next host. This keeps a large scan from getting bogged down by slow or unresponsive hosts, giving you a predictable total duration and better control over resources.

This behavior matches the description of aborting a host’s scan after the specified duration. It’s not about limiting how many hosts per minute, nor about capping the entire scan’s duration across all hosts. It’s also more than just the connect phase; the timeout applies to the per-host process as a whole, including discovery and any probing, so a slow host won’t stall the rest of the scan.