nerdexam
Exams312-50V11Questions#9
EC-Council

312-50V11 · Question #9

312-50V11 Question #9: Real Exam Question with Answer & Explanation

The correct answer is B: Hping. Hping is a versatile command-line packet crafting tool that can send TCP-based probes to hosts, making it useful when ICMP is blocked.

Question

If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which tool could the tester use to get a response from a host using TCP?

Options

  • ATraceroute
  • BHping
  • CTCP ping
  • DBroadcast ping

Explanation

Hping is a versatile command-line packet crafting tool that can send TCP-based probes to hosts, making it useful when ICMP is blocked.

Common mistakes.

  • A. Traceroute relies primarily on ICMP or UDP packets to map network paths and would also be blocked in an ICMP-disabled environment without special TCP mode flags.
  • C. TCP ping describes a general concept or technique rather than a specific standalone tool available in a standard penetration testing toolkit.
  • D. Broadcast ping sends ICMP echo requests to a subnet broadcast address and does not help when ICMP is disabled on the target network.

Concept tested. TCP-based host discovery using Hping

Reference. http://www.hping.org/manpage.html

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-50V11 Practice