312-50V12 Question #240: Real Exam Question with Answer & Explanation

Question

Being a Certified Ethical Hacker (CEH), a company has brought you on board to evaluate the safety measures in place for their network system. The company uses a network time protocol server in the demilitarized zone. During your enumeration, you decide to run a ntptrace command. Given the syntax: ntptrace [-n] [-m maxhosts] [servername/IP_address], which command usage would best serve your objective to find where the NTP server obtains the time from and to trace the list of NTP servers connected to the network?

Options

• Antptrace -n -m 5192.168.1.1
• Bntptrace -m 5192.168.1.1
• Cntptrace -n localhost
• Dntptrace 192.168.1.1

Explanation

This question tests knowledge of the ntptrace command and its flags for tracing NTP server hierarchies during network enumeration. The correct syntax uses -m to limit hops while resolving hostnames to trace the NTP chain.

Common mistakes.

• A. The syntax 'ntptrace -n -m 5192.168.1.1' is malformed because there is no space between the maxhosts value (5) and the IP address (192.168.1.1), making it an invalid command that would fail to execute properly.
• C. Using 'ntptrace -n localhost' queries only the local machine without specifying a maximum hop count, and the -n flag suppresses hostname resolution, reducing the informativeness of the trace for identifying connected NTP servers in the network.
• D. While 'ntptrace 192.168.1.1' would query the target server, it omits the -m flag to set a maximum number of hops, meaning the trace could be incomplete or unlimited, making it less controlled and precise for enumerating the NTP hierarchy.

Concept tested. NTP enumeration using ntptrace command flags

Reference. https://doc.ntp.org/documentation/4.2.8-series/ntptrace/

No community discussion yet for this question.