Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
-D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys
-n/-R: Never do DNS resolution/Always resolve [default: sometimes]
-o (whatever) defines the Output method
-T<0-5>: Set timing template (higher is faster)
So, -T0 would make the scans slower, and help evade.
-T only stands for timing. The number you add (-T0 - -T5) is what now determines if it can evade IDS (-T0 being the best). So this cannot be the answer since the option did not specifically state *-T0*
However, -D (decoy Scan) is solely meant for IDS evasion, so this is a better option.
I hope this helps.
IDS/Firewall Evasion Techniques - IP Address Decoy
IP address decoy technique refers to generating or manually specifying the IP addresses of decoys in order to evade an IDS or firewall.
#Nmap -D RND:10 <target IP address> (P.359/343)
From nmap site: https://nmap.org/book/man-briefoptions.html
FIREWALL/IDS EVASION AND SPOOFING:
-f; --mtu <val>: fragment packets (optionally w/given MTU)
-D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys
Correct A
-D <señuelo1 [,señuelo2][,ME],...> (Esconde un sondeo con señuelos)
Realiza un sondeo con señuelos. Esto hace creer que el/los equipo/s que utilice como señuelos están también haciendo un sondeo de la red. De esta manera sus IDS pueden llegar a informar de que se están realizando de 5 a 10 sondeos de puertos desde distintas direcciones IP, pero no sabrán qué dirección IP está realizando el análisis y cuáles son señuelos inocentes. Aunque esta técnica puede vencerse mediante el seguimiento del camino de los encaminadores, descarte de respuesta («response-dropping», N. del T.), y otros mecanismos activos, generalmente es una técnica efectiva para esconder su dirección IP.
Check Nmap's official page here:https://nmap.org/book/man-bypass-firewalls-ids.html
The answer, based on the available options here, would be -D (Decoy)
According to "NMAP network scanning" by Gordon "Fyodor" Lyon re Timing Templates (-T) page 142: "The first two (i.e. paranoid and sneaky) are for IDS evasion."
Textbook mentions Decoy as a way of evading the firewall; the attacker generates or manually specifies IP addresses of decoys so that the IDS/firewall cannot determine the actual IP address.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Scryptic
Highly Voted 2 years, 7 months agoSilascarter
2 years, 5 months agobrdweek
2 years, 5 months agoSilascarter
2 years, 5 months agovictorfs
Most Recent 11 months, 2 weeks agovictorfs
11 months, 2 weeks agonuomi
1 year agoMGRavindra
1 year, 1 month agoGregman380
1 year, 4 months agoDaniel8660
1 year, 6 months agoatsagar
1 year, 7 months agoritviksharma3
1 year, 9 months agoMMtc
1 year, 9 months agopabloalarconr
1 year, 10 months agoAverage_Joe
1 year, 12 months agoTasadar92
2 years agoDARKEDGE
2 years agostettin12
2 years agoWolfgano
2 years, 1 month agojasonkym
1 year, 4 months agoJong1
2 years, 1 month agoQudaz
2 years, 2 months ago