New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCED Exam - Topic 8 Question 20 Discussion

Actual exam question for GIAC's GCED exam
Question #: 20
Topic #: 8
[All GCED Questions]

Although the packet listed below contained malware, it freely passed through a layer 3 switch. Why didn't the switch detect the malware in this packet?

Show Suggested Answer Hide Answer
Suggested Answer: D

Routers, layer 3 switches, some firewalls, and other gateways are packet filtering devices that use access control lists (ACLs) and perform packet inspection. This type of device uses a small subset of the packet to make filtering decisions, such as source and destination IP address and protocol. These devices will then allow or deny protocols based on their associated ports. This type of packet inspection and access control is still highly susceptible to malicious attacks, because payloads and other areas of the packet are not being inspected. For example, application level attacks that are tunneled over open ports such as HTTP (port 80) and HTTPS (port 443).


by Lucina at May 05, 2022, 05:29 AM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Jenifer
4 months ago
Wait, so a switch can miss malware? That’s wild!
upvoted 0 times
...
Dion
4 months ago
Nah, it probably just didn’t inspect deeply enough.
upvoted 0 times
...
Rusty
4 months ago
Definitely a fragmentation attack!
upvoted 0 times
...
Tarra
4 months ago
I think it’s because the data was encrypted.
upvoted 0 times
...
Andra
5 months ago
The switch only checks headers, not payloads.
upvoted 0 times
...
Barrie
5 months ago
I'm not entirely sure, but I feel like fragmentation attacks could be a reason. Maybe the switch couldn't reassemble the packet properly?
upvoted 0 times
...
Ruthann
5 months ago
I think it could be related to encryption. If the data was encrypted, the switch wouldn't be able to analyze it for malware, right?
upvoted 0 times
...
Daisy
5 months ago
I remember studying that layer 3 switches only operate at the network layer, so they might not inspect the packet contents deeply enough.
upvoted 0 times
...
Hubert
5 months ago
I recall a practice question about packet inspection, and it mentioned that switches don't look at the payload. So, option D seems plausible to me.
upvoted 0 times
...
Lillian
5 months ago
Ugh, database security questions are the worst. I'm just going to guess on this one - maybe parity checks? That sounds kind of related to data integrity, but I'm not confident at all.
upvoted 0 times
...
Tish
5 months ago
If the user's response is 25, I'm guessing option B is the correct answer since the code seems to be checking if the user is old enough to rent a car.
upvoted 0 times
...
Leslie
5 months ago
Hmm, I'm not too sure about this one. I'll need to think it through carefully to make sure I get the right answer.
upvoted 0 times
...

Save Cancel