ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam
Go to Exam

Exam 312-50v12 topic 1 question 223 discussion

Actual exam question from ECCouncil's 312-50v12
Question #: 223
Topic #: 1
[All 312-50v12 Questions]

A Certified Ethical Hacker is attempting to gather information about a target organization's network structure through network footprinting. During the operation, they encounter ICMP blocking by the target system's firewall. The hacker wants to ascertain the path that packets take to the host system from a source, using an alternative protocol. Which of the following actions should the hacker consider next?

  • A. Use UDP Traceroute in the Linux operating system by executing the 'traceroute' command with the destination IP or domain name.
  • B. Use the ICMP Traceroute on the Windows operating system as it is the default utility.
  • C. Use the ARIN Whois database search tool to find the network range of the target network.
  • D. Utilize the Path Analyzer Pro to trace the route from the source to the destination target systems.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by DarioReymag at Feb. 6, 2024, 10:38 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
e020fdc
1 month, 1 week ago
Selected Answer: A
Reason why A is correct is explained by others below (not LordXander tho). ChatGPT says for the others: B. ICMP Traceroute on Windows: Windows uses ICMP Echo Request for tracert, which is ineffective if ICMP is blocked. C. ARIN Whois database search: Useful for identifying IP address ownership and ranges, but not for tracing packet paths. D. Path Analyzer Pro: A commercial tool that can be useful, but it's an additional utility, and the question suggests the need for a protocol-level workaround. Also, its effectiveness still depends on how it performs traceroute (may still be blocked if it uses ICMP).
upvoted 1 times
...
Mos3ab
4 months, 2 weeks ago
Selected Answer: A
The traceroute utility in Linux, by default, sends UDP packets to high-numbered ports (starting at 33434) and listens for ICMP "port unreachable" messages from the destination. This method can bypass ICMP blocking since it doesn't rely on ICMP echo requests for its operation. By executing traceroute [destination IP/domain], you can trace the route packets take to the target system.
upvoted 1 times
...
LordXander
9 months ago
Selected Answer: A
UDP..because most defences are not configured for UDP (don't ask how I know that)
upvoted 2 times
...
insaniunt
10 months, 3 weeks ago
Selected Answer: A
A. Use UDP Traceroute in the Linux operating system by executing the 'traceroute' command with the destination IP or domain name. When ICMP is blocked by a firewall, you can use alternative protocols like UDP for tracerouting. In Linux, the 'traceroute' command allows you to specify the UDP protocol using the '-U' option.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel