312-49 · Question #275
312-49 Question #275: Real Exam Question with Answer & Explanation
The correct answer is C: Only Unix and Unix-like systems will reply to this scan. When an ICMP echo request is sent to a network broadcast address, only Unix and Unix-like systems (Linux, BSD, etc.) will respond by default. Windows systems ignore ICMP requests directed to broadcast addresses and do not reply. Since the DoD network is likely a mix of operating
Question
After passively scanning the network of Department of Defense (DoD), you switch over to active scanning to identify live hosts on their network. DoD is a large organization and should respond to any number of scans. You start an ICMP ping sweep by sending an IP packet to the broadcast address. Only five hosts responds to your ICMP pings; definitely not the number of hosts you were expecting. Why did this ping sweep only produce a few responses?
Options
- AOnly IBM AS/400 will reply to this scan
- BOnly Windows systems will reply to this scan
- COnly Unix and Unix-like systems will reply to this scan
- DA switched network will not respond to packets sent to the broadcast address
Explanation
When an ICMP echo request is sent to a network broadcast address, only Unix and Unix-like systems (Linux, BSD, etc.) will respond by default. Windows systems ignore ICMP requests directed to broadcast addresses and do not reply. Since the DoD network is likely a mix of operating systems, only the Unix/Unix-like hosts responded, which explains the unexpectedly low number of replies. This is a fundamental behavioral difference between Windows and Unix networking stacks regarding broadcast ICMP handling.
Topics
Community Discussion
No community discussion yet for this question.