A full TCP connect scan (-sT) utilizes what type of handshake?


A full TCP connect scan leverages the standard TCP three-way handshake as its method for establishing a connection with a target host. The three-way handshake consists of three steps: the client sends a SYN (synchronize) packet to the server, the server responds with a SYN-ACK (synchronize-acknowledge) packet, and finally, the client sends an ACK (acknowledge) packet back to the server. This process allows the client and server to establish a reliable connection and confirm that both parties are ready to communicate.

In the context of penetration testing, the full TCP connect scan aims to detect open ports on a target system. During this scan, the scanning tool completes the handshake on each probed port, which lets it determine whether that port is accepting connections. If the handshake completes successfully, the port is open; if the server responds with a reset (RST) packet, the port is closed.

Using the three-way handshake distinguishes this scan from other types such as SYN scans, which use only the initial SYN packet and do not complete the handshake, making them stealthier. Understanding this process is fundamental for network security assessments, as it informs how connections are managed over TCP.

Other options do not accurately describe the protocol or the scan technique used
