Which filter to locate unusual ICMP request an Analyst can use in order to detect a ICMP probes from the attacker to a target OS looking for the response to perform ICMP based fingerprinting?
A.
(icmp.type==9 && ((!(icmp.code==9))
B.
(icmp.type==8 && ((!(icmp.code==8))
C.
(icmp.type==12) | | (icmp.type==15| |(icmp.type==17)
D.
(icmp.type==14) | | (icmp.type==15| |(icmp.type==17)
A. (icmp.type==9 && ((!(icmp.code==9))
This filter captures ICMP Type 9 (Router Advertisement) messages that are sent by routers to a specific host or to all hosts on a network to advertise their presence and network topology information. Attackers can use this information to perform ICMP-based fingerprinting of the target operating system. The filter also excludes any ICMP Code 9 messages, which are used for private network testing and should not be seen on a public network.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.312-38 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
DePat
10 months, 2 weeks agoethacker
1 year, 2 months agoPiotrG
1 year, 4 months ago