ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v11 All Questions

View all questions & answers for the 312-50v11 exam
Go to Exam

Exam 312-50v11 topic 1 question 277 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 277
Topic #: 1
[All 312-50v11 Questions]

Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results?

TCP port 21 no response -

TCP port 22 no response -
TCP port 23 Time-to-live exceeded

  • A. The lack of response from ports 21 and 22 indicate that those services are not running on the destination server
  • B. The scan on port 23 was able to make a connection to the destination host prompting the firewall to respond with a TTL error
  • C. The scan on port 23 passed through the filtering device. This indicates that port 23 was not blocked at the firewall
  • D. The firewall itself is blocking ports 21 through 23 and a service is listening on port 23 of the target host
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by ANDRESCB1988 at July 23, 2021, 6:34 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Scryptic
Highly Voted 1 year, 7 months ago
There is an interesting way of knowing what kind of filters are placed in the gateway of a specific host. It is called firewalk and it is based on IP TTL expiration. The algorithm goes as follows: The entire route is determined using any of the traceroute techniques available A packet is sent with the TTL equal to the distance to the target If the packet times out, it is resent with the TTL equal to the distance to the target minus one. If an ICMP type 11 code 0 (Time-to-Live exceeded) is received, the packet was forwarded and so the port is not blocked. If no response is received, the port is blocked on the gateway.
upvoted 10 times
...
Daniel8660
Most Recent 6 months, 3 weeks ago
Selected Answer: C
Firewall Evasion Techniques Firewall Identification - Firewalking a method of collecting information about remote networks behind firewalls. Technique that uses TTL values to determine gateway ACL filters and map networks by analyzing the IP packet response. (P.1567/1551) # Nmap -O -sA <target IP address>
upvoted 2 times
...
ANDRESCB1988
1 year, 9 months ago
correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago