Which option enables remote OS detection using TCP/IP stack fingerprinting?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the Nmap/ZenMap Switches Test. Prepare with flashcards and multiple choice questions, each question provides hints and explanations. Get ready for your exam!

Multiple Choice

Which option enables remote OS detection using TCP/IP stack fingerprinting?

Explanation:
OS detection via TCP/IP stack fingerprinting is activated by using the dedicated switch that turns on Nmap’s OS fingerprinting feature. This option makes Nmap probe the target and study how its TCP/IP stack responds, then compares those responses to a database of known fingerprints to estimate the operating system. The fingerprinting approach relies on characteristics like TTL values, IP ID behavior, TCP window size, and option flags, which tend to vary between different OS implementations. The other options either broaden the scan or perform different tasks. For example, one choice triggers an aggressive scan that includes OS detection plus version detection, script scanning, and traceroute. Another option focuses on decoying or on scanning a smaller set of ports quickly, neither of which specifically enables the TCP/IP fingerprinting-based OS detection by itself.

OS detection via TCP/IP stack fingerprinting is activated by using the dedicated switch that turns on Nmap’s OS fingerprinting feature. This option makes Nmap probe the target and study how its TCP/IP stack responds, then compares those responses to a database of known fingerprints to estimate the operating system. The fingerprinting approach relies on characteristics like TTL values, IP ID behavior, TCP window size, and option flags, which tend to vary between different OS implementations.

The other options either broaden the scan or perform different tasks. For example, one choice triggers an aggressive scan that includes OS detection plus version detection, script scanning, and traceroute. Another option focuses on decoying or on scanning a smaller set of ports quickly, neither of which specifically enables the TCP/IP fingerprinting-based OS detection by itself.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy