Exam SY0-501 topic 1 question 893 discussion

B. Physically check each system.

A. Conduct a ping sweep. Conducting a ping sweep is a non-intrusive method to detect if there is a rogue system on the network. It involves sending ICMP echo requests to a range of IP addresses and waiting for responses. If a system responds that has an unknown or spoofed MAC address, it may be a rogue system. This method is less likely to impact availability compared to the other options listed.

ING VS. PING SWEEP While the ping command is used to ping a single host device to identify its existence, ping sweep helps to ping multiple IP addresses simultaneously. It’s a basic network scanning technique used to determine the range of active and inactive IP addresses available on the network. It’s also used to diagnose potential network issues, downtime, and dead hosts. If the host devices are alive, they respond to ping sweep by sending an ICMP Echo reply. A healthy device should respond within a narrow time frame. If it doesn’t comply with this trend, it’s a sign there are certain issues (overloaded or damaged device) needing to be addressed. NEED FOR PING SWEEP Ping sweep is used for various purposes, such as improving and maintaining network security. It can also be used to: Discover active IP addresses on the network Ensure IP addresses on the network match the documentation Detect rogue devices connected to the network

"Some problems with depending on ping sweeps to find out which hosts are live is that a computer might be shutdown at the time of the sweep and indicate that the IP address doesn't belong to a live host. Another problem with ping sweep is that many network administrators configure nodes to not to respond tcp ICMP echo request and reply." I agree with JFKQOBUM, I would physically check, plus seems like they've done some type of scan or used a command to display the provided network information.

I think this is correct. I had to look it up but a ping sweep will populate arp tables.

Is the provided answer correct?