Exam PT0-003 Topic 1 Question 123 Discussion
Actual exam question for CompTIA's PT0-003 exam
Question #: 123
Topic #: 1
Question #: 123
Topic #: 1
A penetration tester is trying to bypass an active response tool that blocks IP addresses that have more than
100 connections per minute. Which of the following commands would allow the tester to finish the test without being blocked?
100 connections per minute. Which of the following commands would allow the tester to finish the test without being blocked?
Suggested Answer: B Vote an answer
The -T2 flag in Nmap sets the timing template to "polite", which means that Nmap will limit the number of parallel probes to 10 and the scan delay to 0.4 seconds. This will reduce the number of connections per minute and avoid triggering the active response tool. The -Pn flag tells Nmap to skip the host discovery phase and scan the target regardless of its ping response. The other options are not suitable for bypassing the active response tool, as they either scan too many ports (-sU, -T5, -F) or use a faster timing template (-T5, -T3) that will generate more connections per minute. References:
*Nmap Cheat Sheet 2024: All the Commands & Flags - StationX
*Nmap Commands - 17 Basic Commands for Linux Network - phoenixNAP
*NMAP Flag Guide: What They Are, When to Use Them - CBT Nuggets
*Nmap Cheat Sheet 2024: All the Commands & Flags - StationX
*Nmap Commands - 17 Basic Commands for Linux Network - phoenixNAP
*NMAP Flag Guide: What They Are, When to Use Them - CBT Nuggets
by Ula at Jul 17, 2024, 06:35 AM
Contact Us
If you have any question please leave me your email address, we will reply and send email to you in 12 hours.
Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday
Support: Contact now
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).