Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCED Exam - Topic 8 Question 45 Discussion

Actual exam question for GIAC's GCED exam
Question #: 45
Topic #: 8
[All GCED Questions]

When running a Nmap UDP scan, what would the following output indicate?

Show Suggested Answer Hide Answer
Suggested Answer: C

In a case study of a redirect tunnel set up on a router, some anomalies were noticed while watching network traffic with the TCPdump packet sniffer.

Packets going to port 25 (Simple Mail Transfer Protocol [SMTP] used by mail servers and other Mail Transfer Agents [MTAs] to send and receive e-mail) were apparently taking a different network path. The TLs were consistently three less than other destination ports, indicating another three network hops were taken.

Other IP header values listed, such as fragment offset. The acknowledgement number is a TCP, not IP, header field.


by Myra at Jul 12, 2024, 10:40 AM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Norah
6 months ago
Wait, how can an open port send an ICMP unreachable? Sounds off.
upvoted 0 times
...
Lorita
6 months ago
A makes the most sense, I agree with that.
upvoted 0 times
...
Sang
6 months ago
C is misleading, ICMP unreachable means closed, not open.
upvoted 0 times
...
Karima
7 months ago
I think B is more accurate, the router's reply matters.
upvoted 0 times
...
Darrel
7 months ago
Definitely A, could be a firewall issue.
upvoted 0 times
...
Johnna
7 months ago
I recall that an ACK response is more typical for TCP, so I think option D is probably not correct. I’m leaning towards A or B, but I need to think more about it.
upvoted 0 times
...
Lyndia
7 months ago
I feel like option B could be the right answer since it mentions the router, but I’m not completely confident about how UDP behaves in this scenario.
upvoted 0 times
...
Ryan
8 months ago
I practiced a similar question where we discussed ICMP messages. I think option C might be related to that, but it seems a bit off for an open port.
upvoted 0 times
...
Ollie
8 months ago
I remember that UDP scans can be tricky because they often don't give clear results like TCP scans do. I think option A sounds familiar, but I'm not entirely sure.
upvoted 0 times
...
Francoise
8 months ago
This is a good test of my Nmap skills. I'm pretty confident I know what this output means, so I'll give it my best shot.
upvoted 0 times
...
Lashaun
8 months ago
I'm a bit confused by the options here. I'll need to double-check my understanding of how Nmap interprets UDP scan results before selecting an answer.
upvoted 0 times
...
Nichelle
8 months ago
Okay, I've seen this type of output before. I think the key is understanding what an ICMP unreachable message indicates in a UDP scan. I've got a strategy for this.
upvoted 0 times
...
Arlyne
8 months ago
This looks like a tricky Nmap UDP scan question. I'll need to think through the possible responses carefully.
upvoted 0 times
...
Farrah
8 months ago
Hmm, I'm not totally sure about this one. The output seems a bit ambiguous to me. I'll have to review my Nmap knowledge before answering.
upvoted 0 times
...
Vernell
8 months ago
The device not being configured for 802.1X authentication is an obvious possibility. I'll double-check that setting.
upvoted 0 times
...
Rima
8 months ago
This question seems straightforward, I think I can handle it.
upvoted 0 times
...
Alise
8 months ago
I'm a bit confused by the options here. What's the difference between the "Linux x86 with 64 bit JVM" and the "ZIP distribution for Linux"? Aren't they both 64-bit distributions? I'll have to research this a bit more before answering.
upvoted 0 times
...
Kristeen
1 year ago
I'm going with C. An ICMP unreachable message was received indicating an open port. That's the only one that really makes sense to me.
upvoted 0 times
Vanna
11 months ago
I'm not sure about C, but D) An ACK was received in response to the initial probe packet could also be a possibility.
upvoted 0 times
...
Eden
12 months ago
I agree with you, C) An ICMP unreachable message was received indicating an open port seems to be the correct answer.
upvoted 0 times
...
India
12 months ago
I'm leaning towards B) The router in front of the host accepted the request and sent a reply.
upvoted 0 times
...
Vashti
12 months ago
I think A) The port may be open on the system or blocked by a firewall is more likely.
upvoted 0 times
...
...
Margery
1 year ago
Ha! I bet the person who wrote this question is a real prankster. They're trying to trick us with these answers.
upvoted 0 times
Azalee
12 months ago
C) An ICMP unreachable message was received indicating an open port
upvoted 0 times
...
Tabetha
12 months ago
B) The router in front of the host accepted the request and sent a reply
upvoted 0 times
...
Gilma
1 year ago
A) The port may be open on the system or blocked by a firewall
upvoted 0 times
...
...
Mertie
1 year ago
Wait, are you sure? I thought the correct answer was A. The port may be open on the system or blocked by a firewall. I'm a bit confused here.
upvoted 0 times
Cory
12 months ago
I'm not entirely sure, but I believe it could be either A or C. It depends on the specific situation.
upvoted 0 times
...
Desirae
1 year ago
Actually, it could also be C. An ICMP unreachable message was received indicating an open port.
upvoted 0 times
...
Anglea
1 year ago
I think the correct answer is A. The port may be open on the system or blocked by a firewall.
upvoted 0 times
...
...
Cordelia
1 year ago
Hmm, I think the answer is B. The router in front of the host accepted the request and sent a reply. That's what the output seems to indicate.
upvoted 0 times
Marion
12 months ago
I'm leaning towards D. An ACK was received in response to the initial probe packet.
upvoted 0 times
...
Jerry
12 months ago
I agree with B. The router in front of the host accepted the request and sent a reply.
upvoted 0 times
...
Lizbeth
1 year ago
I believe it's C. An ICMP unreachable message was received indicating an open port.
upvoted 0 times
...
Ceola
1 year ago
I think the answer is A. The port may be open on the system or blocked by a firewall.
upvoted 0 times
...
...
Carylon
1 year ago
I'm not sure, but I think C) An ICMP unreachable message was received indicating an open port could also be a possibility.
upvoted 0 times
...
Rory
1 year ago
I agree with Glennis, because the output shows that the port is either open or blocked by a firewall.
upvoted 0 times
...
Glennis
1 year ago
I think the answer is A) The port may be open on the system or blocked by a firewall.
upvoted 0 times
...

Save Cancel