Actual exam question fromCompTIA'sPT0-002
Question #: 94
Topic #: 1
[All PT0-002 Questions]
An assessor wants to run an Nmap scan as quietly as possible. Which of the following commands will give the LEAST chance of detection?
- A.nmap ג€"T3 192.168.0.1
- B.nmap ג€"P0 192.168.0.1
- C.nmap ג€"T0 192.168.0.1
- D.nmap ג€"A 192.168.0.1
Show Suggested AnswerHide Answer
Suggested Answer:B🗳️
bymasso435at Sept. 23, 2022, 8:15 p.m.
Comments
SubmitCancel
Highly Voted 1year, 9months ago
Selected Answer: C
-T0 Paranoid: Very slow, used for IDS evasion-T1 Sneaky: Quite slow, used for IDS evasion-T2 Polite: Slows down to consume less bandwidth, runs ~10 times slower than default-T3 Normal: Default, a dynamic timing model based on target responsiveness-T4 Aggressive: Assumes a fast and reliable network and may overwhelm targets-T5 Insane: Very aggressive; will likely overwhelm targets or miss open ports
upvoted 10 times
...
Highly Voted 1year, 11months ago
It should be C - T0 to avoid IDS/IPS etc.
upvoted 8 times
...
Most Recent 3months, 3weeks ago
-T0 is the quietest.-P0 is also quiet, but it doesn't directly affect the timing of the scan, so it may still run at default speed.
upvoted 1 times
...
key word -- quietly as possible. The answer is C
upvoted 1 times
...
1year, 1month ago
Selected Answer: C
The -T option in Nmap controls the timing and aggressiveness of the scan. Lower values of -T result in slower and more "quiet" scans. In this case, using -T0 will perform the scan with the least chance of detection because it sets the timing to the slowest and least aggressive level.
upvoted 1 times
...
1year, 1month ago
Selected Answer: B
Bbbbbbbb
upvoted 1 times
12months ago
you need to go back to school
upvoted 3 times
11months, 1week ago
ChatGPT says B ... Option B (nmap -P0 192.168.0.1) specifies the -P0 option, which tells Nmap not to ping the target host before scanning. This can help avoid detection because it skips the initial ICMP echo request that might alert the target to the scan. However, it's important to note that some intrusion detection systems and firewalls may still detect the scan based on other network traffic generated by Nmap.
upvoted 1 times
...
...
...
1year, 1month ago
Selected Answer: C
When attempting to run an Nmap scan that's as stealthy as possible, you would want to avoid aggressive scans and avoid triggering as many alarms or logs as possible.Among the given options:C. nmap -T0 192.168.0.1The "-T0" flag sets Nmap to its "paranoid" timing template, meaning that it will wait for a long time between sending packets. This makes the scan very slow, but it also makes it less likely to be detected by intrusion detection systems, as the slow scan might not trigger thresholds that are looking for rapid, suspicious scanning activity.The other options provided are not as stealthy:Therefore, option C is the correct answer, as it will give the least chance of detection.
upvoted 1 times
...
1year, 4months ago
Selected Answer: B
Obviously -A and -T3 are out. I think the answer is B because it's quieter. -T0 is less frequent, so that might be considered quieter too. It's a hard choice between B and C, but my gut says test writers are looking for answer B.
upvoted 1 times
...
1year, 4months ago
Selected Answer: B
the "-T0" option in Nmap sets the timing template to the slowest possible speed, which can also help reduce the chance of detection. However, it does not disable host discovery like the "-P0" option.If the goal is to run an Nmap scan as quietly as possible and minimize the chance of detection, using the "-P0" option would be a better choice than the "-T0" option.So, the correct answer to the question is "-P0".
upvoted 3 times
...
1year, 5months ago
The option that will give the LEAST chance of detection while running an Nmap scan is:B. nmap -P0 192.168.0.1Using the -P0 option will skip the host discovery phase of the scan and assume that all hosts are up, thus avoiding the generation of ICMP echo requests or TCP SYN packets that can be detected by IDS/IPS systems. The -T3 and -T0 options control the timing of the scan and do not affect its stealthiness. The -A option is used for aggressive scanning and OS detection, which can increase the chance of detection.
upvoted 1 times
...
1year, 5months ago
Selected Answer: B
Option B. nmap -P0 192.168.0.1, is the command that will give the least chance of detection. The -P0 option will skip host discovery, making the scan less noisy and less likely to be detected by network intrusion detection systems.
upvoted 1 times
...
1year, 5months ago
Selected Answer: B
By disabling the ping request with the "-P0" option, Nmap will not send any packets to the target unless it is explicitly instructed to scan it. This reduces the chances of detection by the target's security systems.C decreases the timing and aggressiveness of the scan, but it still sends packets to the target, which could potentially be detected.
upvoted 2 times
...
1year, 5months ago
Answer C is correct
upvoted 1 times
...
1year, 6months ago
Selected Answer: B
The command that will give the least chance of detection is B. nmap "P0 192.168.0.1. The "-P0" flag tells Nmap to skip the host discovery process, meaning that no packets will be sent to the target host to determine which ports are open and which services are running. As a result, there will be little to no chance of detection
upvoted 2 times
1year, 6months ago
C is the answer T0
upvoted 2 times
...
1year, 6months ago
Agree also answer C will never end.
upvoted 2 times
...
...
1year, 8months ago
Selected Answer: C
C. T0 will be really slow.
upvoted 4 times
...
1year, 9months ago
Selected Answer: C
C is the right answer.
upvoted 4 times
...
1year, 11months ago
Shouldn't it be C. Slowing down the time would help.
upvoted 5 times
...