Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-49v10 All Questions

View all questions & answers for the 312-49v10 exam
Go to Exam

Exam 312-49v10 topic 1 question 156 discussion

Actual exam question from ECCouncil's 312-49v10
Question #: 156
Topic #: 1
[All 312-49v10 Questions]

John is using Firewalk to test the security of his Cisco PIX firewall. He is also utilizing a sniffer located on a subnet that resides deep inside his network. After analyzing the sniffer log files, he does not see any of the traffic produced by Firewalk. Why is that?

  • A. Firewalk cannot pass through Cisco firewalls
  • B. Firewalk sets all packets with a TTL of zero
  • C. Firewalk cannot be detected by network sniffers
  • D. Firewalk sets all packets with a TTL of one
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by BarryMacockener at Nov. 9, 2022, 3:35 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Elb
6 months, 3 weeks ago
Selected Answer: D
D < ... It works by sending out TCP or UDP packets with a TTL one [hop greater than the targeted gateway].
upvoted 1 times
...
torabi123
1 year ago
The Firewalk tool typically sends packets with varying TTL values, starting with a TTL of 1 and incrementing it with each probe. By monitoring the responses to these packets, Firewalk can infer the behavior of the target firewall. If a packet with a specific TTL value is allowed to pass through the firewall and reach its intended destination, Firewalk deduces that the corresponding port is open. If the packet is blocked or dropped by the firewall, Firewalk determines that the port is closed. --> Firewalk sets all packets with a TTL of one
upvoted 1 times
...
Malko59
1 year, 3 months ago
Selected Answer: A
I think the best answer is A. Firewalk is used to test the security of the firewall. If tested ports are closed or ICMP is droped by the firewall (which is a good security option) nothing will go trough the FW whatever the TTL. Another possibility is that the sniffer is placed too far from the target and the TTL is too low. So nothing reach the sniffer. But I prefere the A response. Any other suggestion is welcomed
upvoted 1 times
...
BarryMacockener
2 years ago
This is not correct. Firewalk does not set TTL of all packets to one... it sets the TTL to one hop greater than the target gateway. The best answer is probably C, if this is the way the answers are actually worded on the exam question.
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel