GAQM CPEH-001 Exam - Topic 2 Question 19 Discussion

Actual exam question for GAQM's CPEH-001 exam

Question #: 19
Topic #: 2

To scan a host downstream from a security gateway, Firewalking:

ASends a UDP-based packet that it knows will be blocked by the firewall to determine how specifically the firewall responds to such packets

BUses the TTL function to send packets with a TTL value set to expire one hop past the identified security gateway

CSends an ICMP ''administratively prohibited'' packet to determine if the gateway will drop the packet without comment.

DAssesses the security rules that relate to the target system before it sends packets to any hops on the route to the gateway

Show Suggested Answer

Suggested Answer: B

Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the attacker's host to a destination host through a packet-filtering device. This technique can be used to map 'open' or 'pass through' ports on a gateway. More over, it can determine whether packets with various control information can pass through a given gateway.

by Deonna at May 03, 2022, 02:22 PM

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Caitlin

4 months ago

Nope, it's definitely the TTL method!

upvoted 0 times

...

Elli

4 months ago

I thought it was about UDP packets being blocked?

upvoted 0 times

...

Garry

4 months ago

Wait, are we sure about that? Sounds a bit off.

upvoted 0 times

...

Aracelis

4 months ago

Totally agree, it's all about the TTL value!

upvoted 0 times

...

Paulina

5 months ago

Firewalking uses TTL to probe past firewalls.

upvoted 0 times

...

Katina

5 months ago

I don't think Firewalking assesses security rules before sending packets; it seems more focused on how the firewall responds to specific packet types.

upvoted 0 times

...

Honey

5 months ago

I remember practicing a question similar to this, and I think the correct answer involves sending packets that expire at the firewall.

upvoted 0 times

...

Cecil

5 months ago

I think Firewalking is about using TTL values, but I'm not entirely sure if it's specifically for one hop past the gateway.

upvoted 0 times

...

Colton

5 months ago

I feel like option A sounds familiar, but I can't recall if it actually relates to Firewalking or just general firewall testing.

upvoted 0 times

...

Cordelia

5 months ago

This question seems pretty straightforward. I think the key is to identify the right cloud services to migrate the existing infrastructure to, while ensuring scalability and maximizing ROI.

upvoted 0 times

...

Olen

5 months ago

I'm a bit confused by the question. It's asking me to complete a command, but I'm not sure which command it's referring to. I'll need to carefully read through the details to understand the context.

upvoted 0 times

...

Moon

5 months ago

I'm pretty sure the purpose of /etc/profile is to set environment variables for users when they log in, so I'll go with option C.

upvoted 0 times

...