- Email support@dumps4free.com
Topic 3, Scanning
One of the ways to map a targeted network for live hosts is by sending an ICMP
ECHO request to the broadcast or the network address. The request would be
broadcasted to all hosts on the targeted network. The live hosts will send an ICMP
ECHO Reply to the attacker source IP address.
You send a ping request to the broadcast address 192.168.5.255.
[root@ceh/root]# ping -b 192.168.5.255
WARNING: pinging broadcast address
PING 192.168.5.255 (192.168.5.255) from 192.168.5.1 : 56(84) bytes of data.
64 bytes from 192.168.5.1: icmp_seq=0 ttl=255 time=4.1 ms
64 bytes from 192.168.5.5: icmp_seq=0 ttl=255 time=5.7 ms
--
--
--
There are 40 computers up and running on the target network. Only 13 hosts send a
reply while others do not. Why?
A.
You cannot ping a broadcast address. The above scenario is wrong.
B.
You should send a ping request with this command ping 192.168.5.0-255
C.
Linux machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO
request aimed at the broadcast address or at the network address.
D.
Windows machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO
request aimed at the broadcast address or at the network address.
Windows machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO
request aimed at the broadcast address or at the network address.
Explanation: As stated in the correct option, Microsoft Windows does not handle pings to
a broadcast address correctly and therefore ignores them.
A program that defends against a port scanner will attempt to:
A.
Sends back bogus data to the port scanner
B.
Log a violation and recommend use of security-auditing tools
C.
Limit access by the scanning system to publicly available ports only
D.
Update a firewall rule in real time to prevent the port scan from being completed
Update a firewall rule in real time to prevent the port scan from being completed
Which of the following ICMP message types are used for destinations unreachables?
A. 0
B. 3
C. 11
D. 13
E. 17
A.
0
B.
3
C.
11
D.
13
E.
17
3
Explanation: Type 3 messages are used for unreachable messages. 0 is Echo Reply, 8 is
Echo request, 11 is time exceeded, 13 is timestamp and 17 is subnet mask request.
Learning these would be advisable for the test.
Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the
users have complained to Neil that there are a few employees who are visiting
offensive web site during work hours, without any consideration for others. Neil
knows that he has an up-to-date content filtering system and such access should
not be authorized. What type of technique might be used by these offenders to
access the Internet without restriction?
A.
They are using UDP that is always authorized at the firewall
B.
They are using an older version of Internet Explorer that allow them to bypass the proxy
server
C.
They have been able to compromise the firewall, modify the rules, and give themselves
proper access
D.
They are using tunneling software that allows them to communicate with protocols in a
way it was not intended
They are using tunneling software that allows them to communicate with protocols in a
way it was not intended
Explanation: This can be accomplished by, for example, tunneling the http traffic over
SSH if you have a SSH server answering to your connection, you enable dynamic
forwarding in the ssh client and configure Internet Explorer to use a SOCKS Proxy for
network traffic.
Jenny a well known hacker scanning to remote host of 204.4.4.4 using nmap. She
got the scanned output but she saw that 25 port states is filtered. What is the
meaning of filtered port State?
A.
Can Accessible
B.
Filtered by firewall
C.
Closed
D.
None of above
Filtered by firewall
Explanation: The state is either open, filtered, closed, or unfiltered. Filtered means that a
firewall, filter, or other network obstacle is blocking the port so that Nmap cannot tell
whether it is open or closed.
| Page 22 out of 153 Pages |
| Previous |