GAQM Exam CPEH-001 Topic 4 Question 103 Discussion

Actual exam question for GAQM's CPEH-001 exam

Question #: 103
Topic #: 4

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this information?

AThe packets were sent by a worm spoofing the IP addresses of 47 infected sites

BICMP ID and Seq numbers were most likely set by a tool and not by the operating system

CAll 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number

D13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0

Show Suggested Answer

Suggested Answer: B

Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the attacker's host to a destination host through a packet-filtering device. This technique can be used to map 'open' or 'pass through' ports on a gateway. More over, it can determine whether packets with various control information can pass through a given gateway.

by Rosina at Nov 15, 2024, 10:36 AM

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Jacinta

2 days ago

I think the packets were sent by a worm spoofing the IP addresses of infected sites.

upvoted 0 times

...