ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v13 All Questions

View all questions & answers for the 312-50v13 exam
Go to Exam

Exam 312-50v13 topic 1 question 188 discussion

Actual exam question from ECCouncil's 312-50v13
Question #: 188
Topic #: 1
[All 312-50v13 Questions]

A penetration tester was assigned to scan a large network range to find live hosts. The network is known for using strict TCP filtering rules on its firewall, which may obstruct common host discovery techniques. The tester needs a method that can bypass these firewall restrictions and accurately identify live systems. What host discovery technique should the tester use?

  • A. ICMP Timestamp Ping Scan
  • B. ICMP ECHO Ping Scan
  • C. TCP SYN Ping Scan
  • D. UDP Ping Scan
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by pindinga1 at Feb. 5, 2025, 2:02 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
krishccie
2 weeks, 2 days ago
Selected Answer: C
TCP SYN scans can be more effective at bypassing firewalls because they exploit the TCP three-way handshake. By sending a SYN packet and analyzing the response (SYN/ACK for open ports, RST for closed ports), the tester can determine if a host is alive without completing the full handshake. This "half-open" scan is often less detectable than ICMP scans. Firewalls are often configured to allow some TCP traffic, because many services rely on it.
upvoted 1 times
...
KiranYS
2 weeks, 3 days ago
Selected Answer: C
A TCP SYN Ping Scan is effective for bypassing strict TCP filtering rules because it sends SYN packets to a specific port, checking for a SYN-ACK response to identify live hosts. Unlike ICMP-based scans, which are often blocked by firewalls, SYN scans can work even if ICMP traffic is restricted. Firewalls may allow SYN packets through to specific services, making this technique useful in restricted environments.
upvoted 1 times
...
Dogeo
1 month, 3 weeks ago
Selected Answer: C
In a firewalled and heavily filtered network, a TCP SYN Ping Scan is the best host discovery method. It allows a stealthy and reliable way to detect live hosts without relying on ICMP or UDP responses.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago