nerdexam
EC-Council

312-50V13 · Question #49

What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the p

The correct answer is B. Firewalking. The technique described, where an attacker uses crafted packets to determine open ports and firewall rules from an untrusted network, is called firewalking.

Submitted by joshua94· Mar 6, 2026Evading IDS, Firewalls, and Honeypots

Question

What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the packets can pass through the packet-filtering of the firewall?

Options

  • ASession hijacking
  • BFirewalking
  • CMan-in-the middle attack
  • DNetwork sniffing

How the community answered

(33 responses)
  • B
    94% (31)
  • C
    3% (1)
  • D
    3% (1)

Why each option

The technique described, where an attacker uses crafted packets to determine open ports and firewall rules from an untrusted network, is called firewalking.

ASession hijacking

Session hijacking involves taking control of an established communication session between two legitimate parties.

BFirewalkingCorrect

Firewalking is a technique used by attackers (or penetration testers) to map out a firewall's rule set and determine which ports are open and which protocols are allowed to pass through it to internal networks. This is typically done by sending packets with a TTL (Time To Live) value crafted to expire just past the firewall, causing an ICMP "Time Exceeded" message if the firewall allows the packet to pass.

CMan-in-the middle attack

A man-in-the-middle (MITM) attack involves an attacker secretly relaying and possibly altering the communication between two parties who believe they are communicating directly.

DNetwork sniffing

Network sniffing involves passively capturing and analyzing network traffic.

Concept tested: Firewall rule set mapping (firewalking)

Topics

#Firewall bypass#Firewalking#Port scanning#Network mapping

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice