What does the ACK evasion scan help determine?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the EC-Council Certified Ethical Hacker (CEH) Exam. Use flashcards and multiple-choice questions with hints and explanations. Enhance your cyber security knowledge and get ready for the exam!

Multiple Choice

What does the ACK evasion scan help determine?

Explanation:
Attackers use ACK evasion (ACK scan) to probe how a firewall handles unsolicited TCP ACKs. By sending ACK packets to various ports without completing a TCP connection, you observe how the target responds (or doesn’t). If the firewall is stateful, it tends to treat unsolicited ACKs carefully—often dropping them or producing specific responses—so the port appears filtered or unfiltered depending on the firewall rules. If the firewall is stateless, the behavior differs, and the host’s replies can reveal whether a port is effectively open or closed from the firewall’s perspective. In short, this scan helps determine whether a firewall is stateful or stateless and whether ports are effectively open (unfiltered) or blocked (filtered) by the firewall. OS version, VPN status, and NAT type are determined with other techniques, not via this scan.

Attackers use ACK evasion (ACK scan) to probe how a firewall handles unsolicited TCP ACKs. By sending ACK packets to various ports without completing a TCP connection, you observe how the target responds (or doesn’t). If the firewall is stateful, it tends to treat unsolicited ACKs carefully—often dropping them or producing specific responses—so the port appears filtered or unfiltered depending on the firewall rules. If the firewall is stateless, the behavior differs, and the host’s replies can reveal whether a port is effectively open or closed from the firewall’s perspective. In short, this scan helps determine whether a firewall is stateful or stateless and whether ports are effectively open (unfiltered) or blocked (filtered) by the firewall. OS version, VPN status, and NAT type are determined with other techniques, not via this scan.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy