New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GPEN Exam - Topic 9 Question 67 Discussion

Actual exam question for GIAC's GPEN exam
Question #: 67
Topic #: 9
[All GPEN Questions]

In which of the following scanning methods does an attacker send the spoofed IP address to send a SYN packet to the target?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Chaya at Feb 10, 2025, 09:12 AM

Limited Time Offer

25%

Off

Get Premium GPEN Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Hyun
3 months ago
Just to clarify, NULL scanning doesn't use spoofed IPs.
upvoted 0 times
...
Lenna
3 months ago
A is correct, but I see why people might confuse it with XMAS.
upvoted 0 times
...
Chantay
3 months ago
Wait, are you sure? I thought it was XMAS.
upvoted 0 times
...
Ahmad
4 months ago
Totally agree, IDLE is the way to go for that!
upvoted 0 times
...
Leota
4 months ago
It's definitely A, IDLE scanning uses a spoofed IP.
upvoted 0 times
...
Slyvia
4 months ago
I have a vague memory of the XMAS scan, but I don't think it involves sending a SYN packet with a spoofed address. It's definitely tricky!
upvoted 0 times
...
Shay
4 months ago
The NULL scan seems like it could be related, but I can't recall if it uses a spoofed IP. I feel like I need to double-check my notes.
upvoted 0 times
...
Gaynell
4 months ago
I remember practicing a question about TCP FIN scans, but I don't think they involve spoofing an IP address like IDLE does.
upvoted 0 times
...
Gail
5 months ago
I think the IDLE scan is the one where you use a spoofed IP to send a SYN packet, but I'm not entirely sure.
upvoted 0 times
...
Lashunda
5 months ago
The key here is the use of a spoofed IP address to send the SYN packet. That narrows it down to either IDLE or TCP FIN. I'm going to go with IDLE since that's the method that specifically uses a spoofed IP.
upvoted 0 times
...
Theola
5 months ago
I'm a bit confused by the wording of this question. Can someone explain the difference between the scanning methods a bit more? I want to make sure I understand the concepts before selecting an answer.
upvoted 0 times
...
Kris
5 months ago
Okay, let's see. IDLE uses a zombie system, TCP FIN just sends FIN packets, NULL sends packets with no flags set, and XMAS sends packets with the FIN, URG, and PUSH flags set. I'm going to go with IDLE on this one.
upvoted 0 times
...
Benedict
5 months ago
Hmm, I'm not entirely sure about this one. I'll need to think through the different scanning methods and how they work to determine which one matches the description.
upvoted 0 times
...
Lisbeth
5 months ago
This looks like a question on network scanning techniques. I think the key is to identify which method uses a spoofed IP address to send a SYN packet.
upvoted 0 times
...
Tegan
9 months ago
IDLE, because who needs a real plan when you can just sit back and let the computer do all the work?
upvoted 0 times
...
Kaycee
9 months ago
A) IDLE, the perfect choice for the lazy hacker who wants to let someone else do the work.
upvoted 0 times
Janae
8 months ago
D) XMAS, that one seems like it could cause a lot of chaos on the target's system.
upvoted 0 times
...
Patti
8 months ago
C) NULL, I heard that one can be pretty effective in evading detection.
upvoted 0 times
...
Vilma
8 months ago
B) TCP FIN, that sounds like a sneaky way to attack a target.
upvoted 0 times
...
Tammy
9 months ago
A) IDLE, the perfect choice for the lazy hacker who wants to let someone else do the work.
upvoted 0 times
...
...
Justine
10 months ago
C) NULL, the only thing more empty than this question is my brain right now.
upvoted 0 times
Meghann
8 months ago
D) XMAS, I think the answer is D) XMAS because it involves sending a spoofed IP address.
upvoted 0 times
...
Bernardo
8 months ago
C) NULL, the only thing more empty than this question is my brain right now.
upvoted 0 times
...
Curt
8 months ago
D) XMAS
upvoted 0 times
...
Honey
8 months ago
C) NULL
upvoted 0 times
...
Fairy
9 months ago
B) TCP FIN
upvoted 0 times
...
Georgene
9 months ago
A) IDLE
upvoted 0 times
...
...
Sheron
10 months ago
D) XMAS, because who doesn't love a good Christmas-themed network attack?
upvoted 0 times
Nidia
8 months ago
XMAS, because who doesn't love a good Christmas-themed network attack?
upvoted 0 times
...
Yan
8 months ago
D) XMAS
upvoted 0 times
...
Ula
8 months ago
C) NULL
upvoted 0 times
...
Christiane
9 months ago
B) TCP FIN
upvoted 0 times
...
Lucy
10 months ago
A) IDLE
upvoted 0 times
...
...
Tomoko
11 months ago
I'm not sure, but I think it might be C) NULL because it also involves sending spoofed IP addresses.
upvoted 0 times
...
Sean
11 months ago
Hmm, I'm pretty sure it's IDLE, gotta love that spoofed IP address magic.
upvoted 0 times
Marguerita
9 months ago
Yeah, XMAS is the correct answer
upvoted 0 times
...
Marget
9 months ago
Bummer, I thought it was A) IDLE too
upvoted 0 times
...
Gene
10 months ago
No, it's actually D) XMAS
upvoted 0 times
...
Milly
10 months ago
A) IDLE
upvoted 0 times
...
...
Adria
11 months ago
I agree with Melodie, because in XMAS scanning, the attacker sends spoofed IP addresses to send SYN packets.
upvoted 0 times
...
Melodie
11 months ago
I think the answer is D) XMAS.
upvoted 0 times
...

Save Cancel