The correct response is port scans take significant time depending on the number of ports scanned as well as the power of the system testing the networks. ... EDIT> none of these answers are correct. port scans might take longer than a ping scan, but it also takes a lot less time than lets say vulnerability scan. therefor, i have added extra option "If not done correctly, it is easily detected by security devices" and mark it as the correct answer. Edit: "it takes a lot of time" is the true answer rather than "if not done ....detected by security". The latter is always true for any kind of attack, eg IDS evasion while the former is specific to port scanning in a real attack--attacker uses -T1 or even -T0 option for the scan. Try it and you will understand who long it takes for the scan in a real attack, could be months. The simple labs which uses -T4 are only for demonstration purpose to show how to use the tool, and -T4 is too noisy and will be caught in a short time. I didn't change the answer and would like somebody to review my comment to see if the answer should be changed. EDIT: this question is SO wrong, it should just be removed