During a vulnerability scan, a penetration tester notices that the scanner is repeatedly attempting to exploit a service, causing the service to crash and generating misleading findings. Which of the following scan configurations would BEST help the tester avoid this issue while still identifying potential vulnerabilities?
Trap 1: Enable SYN scan instead of full TCP connect scan
SYN scan is used for port discovery, not for controlling exploitation attempts during vulnerability testing.
Trap 2: Adjust the scan timing template to a slower rate
Slower timing reduces network load but does not prevent the scanner from attempting aggressive exploits.
Trap 3: Increase the port range to include high ports
Increasing port range expands scanning scope but does not change the scanner's aggressiveness in testing services.
- A
Enable SYN scan instead of full TCP connect scan
Why wrong: SYN scan is used for port discovery, not for controlling exploitation attempts during vulnerability testing.
- B
Adjust the scan timing template to a slower rate
Why wrong: Slower timing reduces network load but does not prevent the scanner from attempting aggressive exploits.
- C
Activate the 'safe checks' option in the scanner
Correct. Safe checks perform non-intrusive testing, minimizing disruption and reducing false positives from exploitation attempts.
- D
Increase the port range to include high ports
Why wrong: Increasing port range expands scanning scope but does not change the scanner's aggressiveness in testing services.