Exam 312-50 topic 4 question 19 discussion

Actual exam question from ECCouncil's 312-50
Question #: 19
Topic #: 4

A penetration tester is attempting to scan an internal corporate network from the internet without alerting the border sensor. Which is the most efficient technique the tester should consider using?

  • A. Spoofing an IP address
  • B. Tunneling scan over SSH
  • C. Tunneling over high port numbers
  • D. Scanning using fragmented IP packets
Suggested Answer: D

Comments

pindarots
Highly Voted 4 years, 9 months ago
Scanning using fragmented IP packets?
upvoted 10 times
...
bic3p
Most Recent 2 months, 3 weeks ago
Selected Answer: B
Some IDS and IPS have the ability to connect the fragmented packets, and hence it couldn't be the answer. So option B is correct.
upvoted 1 times
...
Router
1 year, 9 months ago
It can't be D because A is also used to bypass FW.
upvoted 1 times
...
salei
1 year, 12 months ago
Selected Answer: D
While the question says the pen tester is trying to scan the internal network from the internet (let's assume static NAT or something), then this is the correct answer: https://nmap.org/book/man-bypass-firewalls-ids.html
-f (fragment packets); --mtu (using the specified MTU)
The -f option causes the requested scan (including ping scans) to use tiny fragmented IP packets. The idea is to split up the TCP header over several packets to make it harder for packet filters, intrusion detection systems, and other annoyances to detect what you are doing.
upvoted 2 times
...
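A sensor-side check for the tiny-fragment pattern quoted in the comment above, as an added example that is not part of the original discussion. It follows the two RFC 1858 filter rules (an undersized first TCP fragment, and a fragment at offset 8); the function names, the 20-byte threshold and the sample packets are assumptions constructed for illustration.

```python
import struct

IPPROTO_TCP = 6
MIN_TCP_HEADER = 20  # assumption: fragment 0 must hold a full option-less TCP header

def ipv4(payload, offset_units=0, more=False):
    """Build a constructed IPv4 packet (checksum left 0, documentation addresses)."""
    flags_frag = (0x2000 if more else 0) | offset_units  # MF bit + offset in 8-byte units
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234,
                      flags_frag, 64, IPPROTO_TCP, 0,
                      bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return hdr + payload

def classify(packet):
    """Return a reason string for a suspicious TCP fragment, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not a complete IPv4 header"
    ver_ihl, _, total_len, _, flags_frag, _, proto = struct.unpack("!BBHHHBB", packet[:10])
    ihl = (ver_ihl & 0x0F) * 4
    more = bool(flags_frag & 0x2000)
    offset = (flags_frag & 0x1FFF) * 8
    if proto != IPPROTO_TCP or (offset == 0 and not more):
        return None  # not TCP, or not fragmented at all
    payload_len = min(total_len, len(packet)) - ihl
    if offset == 0 and payload_len < MIN_TCP_HEADER:
        # The filter cannot see ports and flags together in the first fragment.
        return "tiny first fragment (%d bytes of TCP header)" % payload_len
    if offset == 8:
        # Bytes 8-15 of the TCP header include the flags byte (offset 13).
        return "fragment at offset 8 lands inside the TCP header"
    return None

# Constructed sample: one 20-byte TCP SYN header, sent whole and as 8/8/4-byte fragments.
TCP_SYN = struct.pack("!HHIIBBHHH", 40000, 443, 1, 0, 5 << 4, 0x02, 1024, 0, 0)
SAMPLES = {
    "whole": ipv4(TCP_SYN),
    "frag0": ipv4(TCP_SYN[0:8], 0, True),
    "frag1": ipv4(TCP_SYN[8:16], 1, True),
    "frag2": ipv4(TCP_SYN[16:20], 2, False),
}

def scan(samples):
    """Classify every sample packet and return {name: verdict}."""
    return {name: classify(pkt) for name, pkt in samples.items()}

if __name__ == "__main__":
    for name, verdict in scan(SAMPLES).items():
        print(name, "->", verdict or "ok")
```

A first fragment that carries the whole TCP header plus data, as ordinary path-MTU fragmentation produces, passes both rules.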
swetty
2 years ago
Selected Answer: D
IP fragmentation scan is a method to attempt evasion of IDS
upvoted 1 times
...
Goki_28
2 years, 5 months ago
Selected Answer: D
Scanning using fragmented IP packets.
upvoted 1 times
...
Goki_28
2 years, 5 months ago
Scanning using fragmented IP packets.
upvoted 1 times
...
Hacker100
3 years, 2 months ago
Correct answer is D. Scanning using fragmented IP packets
upvoted 2 times
...
brider
4 years, 7 months ago
B. Tunneling scan over SSH
upvoted 3 times
virus9
4 years, 1 month ago
An already established connection in the network is needed first. https://isc.sans.edu/forums/diary/Tunneling+scanners+or+really+anything+over+SSH/24286/
upvoted 1 times
virus9
4 years, 1 month ago
But since the question says "penetration tester" and not a hacker, it means he might already have been given the access.
upvoted 1 times
...