GSEC Exam QuestionsBrowse all questions from this exam

GSEC Exam - Question 3


What is the motivation behind SYN/FIN scanning?

Show Answer
Correct Answer: C

The crafted SYN/FIN packet sometimes gets past firewalls and filtering routers. SYN/FIN scanning tries to exploit the fact that some firewalls and routers may not properly filter packets with both SYN and FIN flags set, thereby allowing attackers to map out the network and identify open ports.

Discussion

5 comments
Sign in to comment
Kuku55Option: C
Dec 3, 2020

Right answer is C.

director47Option: C
Nov 16, 2021

C for this one

saucehozzOption: C
Mar 10, 2022

C senor

compgeek34
Nov 11, 2023

I took the exam twice, and these questions were not even in the ballpark for the GSEC. A moderator may not show my comment here. These questions are ancient.

arvkvOption: C
Sep 17, 2023

A. The SYN/FIN combination is useful for signaling to certain Trojans. This is not correct, as the SYN/FIN combination is not generally used to communicate with Trojans. B. SYN/FIN packets are commonly used to launch denial of service attacks against BSD hosts. This is not correct, SYN/FIN packets are not a common method for DoS attacks. C. The crafted SYN/FIN packet sometimes gets past firewalls and filtering routers. This is correct. SYN/FIN scanning utilizes crafted packets with both the SYN and FIN flags set to bypass firewall rules. D. A SYN/FIN packet is used in session hijacking to take over a session. This is not correct, session hijacking typically involves predicting TCP sequence numbers, not using SYN/FIN packets. So the correct option is C.