An analyst sees the following output from a packet capture:

CS0-002

Last Post by Rolando 2 years ago

1 Posts

1 Users

0 Likes

188 Views

RSS

Rolando

(@bulluckrolando)

Noble Member

Joined: 2 years ago

Posts: 664

Topic starter 25/06/2022 7:48 pm

An organization wants to mitigate against risks associated with network reconnaissance. ICMP is already blocked at the firewall; however, a penetration testing team has been able to perform reconnaissance against the organization’s network and identify active hosts.

An analyst sees the following output from a packet capture:

Which of the following phrases from the output provides information on how the testing team is successfully getting around the ICMP firewall rule?

A . flags=RA indicates the testing team is using a Christmas tree attack
B . ttl=64 indicates the testing team is setting the time to live below the firewall’s threshold
C . 0 data bytes indicates the testing team is crafting empty ICMP packets
D . NO FLAGS are set indicates the testing team is using hping

Show Answer Hide Answer

Suggested Answer: D

Quote

Topic Tags

CompTIA CySA+

Latest CompTIA CS0-002 Dumps Valid Version

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PDF

Forum Jump:

Previous Topic

Next Topic