An engineer needs to discover alive hosts within the 192.168.1.0/24 range without triggering intrusive portscan alerts on the IDS device using Nmap.
Which command will accomplish this goal?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
The correct answer is B. nmap "sP 192.168.1.0/24"
Explanation:
Nmap is a popular network exploration and security auditing tool. It has a variety of options for scanning a network and detecting open ports, live hosts, and vulnerabilities. In this scenario, the engineer needs to discover live hosts within the 192.168.1.0/24 range without triggering intrusive portscan alerts on the IDS device using Nmap.
Option A, "nmap --top-ports 192.168.1.0/24", will scan the top ports of the hosts within the specified IP range, which can trigger alerts on an IDS device.
Option B, "nmap -sP 192.168.1.0/24", will perform a ping scan on the specified IP range. This means that Nmap will send ICMP echo requests to each IP address in the range to see which hosts respond. This is a non-intrusive way to discover live hosts, as it does not involve scanning for open ports.
Option C, "nmap -sL 192.168.1.0/24", will simply list the IP addresses in the specified range without sending any packets to them. This is not a useful way to discover live hosts, as it does not verify whether the hosts are actually online.
Option D, "nmap -sV 192.168.1.0/24", will perform a version scan on the specified IP range. This means that Nmap will try to identify the services running on each host and determine their versions. This can be useful for vulnerability assessment, but it is also likely to trigger alerts on an IDS device.
Therefore, the correct option is B, "nmap -sP 192.168.1.0/24".