Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
In Xmas tree port scans, only the TCP SYN flag needs to be set. True or false?
True
False
When used as part of scanning a system, the TCP header of a Christmas tree packets has the flags SYN, FIN, URG and PSH set.
WiKiPedia: All packet types and options are sent. In information technology, a Christmas tree packet is a packet with every single option set for whatever protocol is in use. The term derives from a fanciful image of each little option bit in a header being represented by a different-colored light bulb, all turned on, as in "the packet was lit up like a Christmas tree".[1] It can also be known as a kamikaze packet, nastygram, or lamp test segment. Christmas tree packets can be used as a method of divining the underlying nature of a TCP/IP stack by sending the packets and then awaiting and analyzing the responses. When used as part of scanning a system, the TCP header of a Christmas tree packet has the flags FIN, URG and PSH set.[citation needed] Many operating systems implement their compliance with the Internet Protocol standard (RFC 791) in varying or incomplete ways. By observing how a host responds to an odd packet, such as a Christmas tree packet, inferences can be made regarding the host's operating system. Versions of Microsoft Windows, BSD/OS, HP-UX, Cisco IOS, MVS, and IRIX display behaviors that differ from the RFC standard when queried with said packets.[2] A large number of Christmas tree packets can also be used to conduct a DoS attack by exploiting the fact that Christmas tree packets require much more processing by routers and end-hosts than the "usual" packets do. Christmas tree packets can be easily detected by intrusion-detection systems or more advanced firewalls. From a network security point of view, Christmas tree packets are always suspicious and indicate a high probability of network reconnaissance activities.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.