Exam XK0-004 topic 1 question 160 discussion

The given answer is correct: route and traceroute. With route check to not have any gateway. With traceroute test if have path to that subnet from extern. On both cases should not have.

A,B Tcpdump Examples tcpdump examples needle in haystackPractical tcpdump examples to lift your network troubleshooting and security testing game. Commands and tips to not only use tcpdump but master ways to know your network. Knowing tcpdump is an essential skill that will come in handy for any system administrator, network engineer or security professional. Practical tcpdump examples 1. Extract HTTP User Agents 2. Capture only HTTP GET and POST packets 3. Extract HTTP Request URL's 4. Extract HTTP Passwords in POST Requests 5. Capture Cookies from Server and from Client 6. Capture all ICMP packets 7. ICMP Packets that are not ECHO/REPLY 8. Capture SMTP / POP3 Email 9. Troubleshooting NTP Query and Response 10. Capture SNMP Query and Response 11. Capture FTP Credentials and Commands 12. Rotate Capture Files 13. Capture IPv6 Traffic 14. Detect Port Scan in Network Traffic 15. Example Filter Showing Nmap NSE Script Testing 16. Capture Start and End Packets (SYN/FIN) 17. Capture DNS Request and Response 18. Capture HTTP data packets 19. Capture with tcpdump and view in Wireshark 20. Top Hosts by Packets 21. Capture all the plaintext passwords 22. DHCP Example

Let's start saying when the packet hits "hop 0", connection automatically destroys itself. https://hopzero.com/what-does-hop-count-mean/ So if workstation device has "HOP 0" he can't go throw the network, but can be reached. A. tcpdump => valid because in the header we can see the TTL number; the TTL is the "count register" in the packet header of your devices. https://hopzero.com/wp-content/uploads/hop-count-register-ttl.png B. traceroute => valid because I can hop any step C. route => not valid because doesn't show HOP or TTL, just inside my private network. D. iperf => not valid because that's an external tool and it misures performances and quality of a network link from a client and a server, not TTL/HOPs E. ip => not valid because show about network interface not F. arp => not valid because ISO/OSI level 2, associates a MAC Address to an IP. ping could be a valid option too, but not in the list. i.g.: echo 10 > /proc/sys/net/ipv4/ip_default_ttl ping www.google.it PING www.google.it (142.250.184.99) 56(84) bytes of data. From 142.251.50.137 (142.251.50.137) icmp_seq=1 Time to live exceeded

route - It is used for showing or updating the IP/kernel routing table. traceroute - Returns the names or IP addresses of all the routers between two devices. (Path) tcpdump - Captures and inspect network traffic going to and from your system.

traceroute and tcpdump https://hackertarget.com/tcpdump-examples/

it should be traceroute and tcpdump