Which Nmap scan type is known for being fast and stealthy?

The TCP SYN scan is known for being fast and stealthy due to the way it interacts with the target system. This type of scan uses the initial segment of the TCP handshake, known as the SYN packet, to determine if a port is open, closed, or filtered without completing the full handshake process.

When a TCP SYN packet is sent to a target port, an open port will respond with a SYN-ACK packet, indicating that the port is listening. In contrast, a closed port will respond with a RST packet. This method allows the scanner to identify open ports quickly while reducing the likelihood of being detected by firewalls or intrusion detection systems, as it doesn't establish a full connection. As a result, it is often referred to as a "stealth scan."

In contrast, other scanning types, such as UDP scans, typically take longer to execute because they require additional wait times for responses, making them less efficient for rapid reconnaissance. The Zed Attack Proxy is a web application security scanner, which is not directly related to Nmap port scanning techniques. The TCP connect scan completes the full TCP handshake, making it easier to detect and trace as it fully establishes a connection with the target system. Therefore, the TCP SYN scan is particularly