Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
The Idle Scan sends out _____ to a computer to find out what TCP ports are open.
IP address
Spoofed Packets
Ping
UDP Packets
Terrible wording of the original question. An idle scan initially sends queries (either ICMP ECHO REQUEST or TCP SYN) to potential zombie(s) and analyzes the IPID returned. If a potential zombie returns with monotonically increasing IPID (which neither Linux nor Mac/OSX does - but Windows and devices like printers can do), then an idle port scan against a victim can take place. During the idle scan, the attacker sends spoofed TCP SYN packets to the victim using the zombie's IP address. The victim responds to the zombie with SYN/ACK, which in turn updates its IPID (and sends a RST to the victim as the SYN/ACK was unexpected by the zombie). The attacker then queries the zombie to find out if the IPID was incremented by 2 (one for the victim's response, one for the attacker's new request). If so...then the TCP SYN for the port in question sent to the victim resulted in a response...the port is open! If not, then the victim did not respond...the port is closed or filtered.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.