Which scanning technique involves resetting the TCP connection before completion of the three-way handshake, creating a half-open connection?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards

From $24.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

Which scanning technique involves resetting the TCP connection before completion of the three-way handshake, creating a half-open connection?

The technique tests ports by starting a TCP handshake and then stopping short of completing it. It sends a SYN to the target port, and if the port is open, the target replies with SYN-ACK. Rather than finishing the handshake with an ACK, the scanner immediately sends an RST to tear down the connection. Since the three-way handshake is never completed, no full connection is established—hence the term half-open. This behavior makes the scan stealthier because it leaves less evidence in logs and avoids full session creation.

That’s why this approach is described as a stealth scan (half-open). The other scans use different TCP flag patterns and do not rely on interrupting the handshake in this way, so they don’t create a half-open state.

Which scanning technique involves resetting the TCP connection before completion of the three-way handshake, creating a half-open connection?

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Which scanning technique involves resetting the TCP connection before completion of the three-way handshake, creating a half-open connection?

Get the latest from Passetra