Notifications
Clear all
Topic starter
A security analyst is auditing firewall rules with the goal of scanning some known ports to check the firewall’s behavior and responses.
The analyst executes the following commands:
The analyst then compares the following results for port 22:
nmap returns “Closed”
hping3 returns “flags=RA”
Which of the following BEST describes the firewall rule?
- A . DNAT C-to-destination 1.1.1.1:3000
B. REJECT with C-tcp-reset
C. LOG C-log-tcp-sequence
D. DROP
Suggested Answer: B
Explanation:
No doubt does the nmap result mean its being rejected as it returns closed. However, what threw me for a loop was the hping3 response. After further web surfing I found that the "flag=RA" means actually means "flag= RST, ACK" which means that it too was rejected.
Explanation:
No doubt does the nmap result mean its being rejected as it returns closed. However, what threw me for a loop was the hping3 response. After further web surfing I found that the "flag=RA" means actually means "flag= RST, ACK" which means that it too was rejected.
Posted : 02/02/2023 2:57 am