During network monitoring, an analyst identifies TCP sessions with the SYN flag set but no corresponding SYN-ACK responses from the destination. What does this pattern MOST likely indicate?
-
A
TCP session hijacking
-
B
SYN scan (half-open scan) reconnaissance
-
C
Established encrypted tunnels
-
D
ARP spoofing in progress