Prepare for the CompTIA PenTest+ Exam. Enhance your skills with practice questions and detailed explanations. Ace your test and advance your cybersecurity career!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!


Which type of TCP scan can be used to determine what services are allowed through a firewall by sending TCP packets?

  1. FIN

  2. NULL

  3. ACK

  4. SYN

The correct answer is: ACK

The TCP scan that is most effectively used to determine what services are allowed through a firewall by sending TCP packets is the ACK scan. This scanning technique takes advantage of the TCP handshake process and the way TCP/IP stacks respond to unexpected packets.

When an ACK packet is sent to a port, the expected responses differentiate between open and closed ports. If a firewall or a filtering system does not receive a packet that matches a security policy, it may respond differently than if a packet is allowed through. For instance, a closed port will typically respond with a RST (reset) packet, indicating that there’s no service running on that port. However, if the port is open, the response may be suppressed by the firewall, leading to no response at all. This behavior can help an attacker infer which ports are being filtered versus which are open, thus revealing more about the firewall’s rules.

The other scanning methods, while useful for various purposes, are motivated by different mechanics or objectives. FIN and NULL scans can also be employed stealthily, but they do not provide definitive insight about services allowed through a firewall as effectively as an ACK scan. SYN scans, typically used to initiate a TCP handshake, focus more on identifying open ports rather than understanding the filtering