Exam 312-50v11 topic 1 question 160 discussion

Exact wording from v11 studyguide (online book) "In the ARP ping scan, the ARP packets are sent for discovering all active devices in the IPv4 range even though the presence of such devices is hidden by restrictive firewalls."

B. In the ARP ping scan, the ARP packets are sent for discovering all active devices in the IPv4 range even though the presence of such devices is hidden by restrictive firewalls.

Answer is C. ACK flag probe scan

In the ARP ping scan, the ARP packets are sent for discovering all active devices in the IPv4 range even though the presence of such devices is hidden by restrictive firewalls. EC-Council's CEH book pg 176

The correcto option is B. B. ARP ping scan. It works by sending ARP requests to each IP address in the target IPv4 range. If a host is active and responds to the ARP request. ARP requests operate at the data link layer and are typically not blocked by firewalls. This technique allows him to identify active devices on the network that might be hidden from traditional IP-based scanning methods

The correct option is B: ARP ping scan

In the ARP ping scan, the ARP packets are sent for discovering all active devices in the IPv4 range even though the presence of such devices is hidden by restrictive firewalls. CEH Module 03 Page 176

" hidden by a restrictive firewall " so is will not by ARP, but ACK flag.

Firewall evasion: Since ACK flag probe scans are less likely to be detected by firewalls than other types of scans, they can be used to evade detection and gain information about a target system's open ports.

B Exactly the same definition on ceh v11 book says. Exactly!

ARP Ping Scan (P. 278)

Correct

The key wording here is "a given target network". My interpretation is that he is in the LAN, so answer is B = ARP Scan.

ARP ping scan In the ARP ping scan, the ARP packets are sent for discovering all active devices in the IPv4 range even though the presence of such devices is hidden by restrictive firewalls. It can also show the MAC addresses of all devices sharing the same IPv4 address on the LAN. # Nmap -sn -PR <target IP address> (P.277/261)

In the ARP ping scan, the ARP packets are sent for discovering all active devices in the IPv4 range even though the presence of such devices is hidden by restrictive firewalls.

Correct answer is ARP Ping scan - only host discovery technique here, although it requires you to have a foothold in the network already

B should be the correct answer. Restrictive is the key word, ARP would always be allowed through