nerdexam
Exams312-50V9Questions#87
EC-Council

312-50V9 · Question #87

312-50V9 Question #87: Real Exam Question with Answer & Explanation

The correct answer is A: tcp-over-dns. tcp-over-dns is a client-server tunneling tool that encapsulates TCP traffic inside DNS queries and responses to bypass firewall rules that block most ports but allow DNS.

Question

Which of the following is a client-server tool utilized to evade firewall inspection?

Options

  • Atcp-over-dns
  • Bkismet
  • Cnikto
  • Dhping

Explanation

tcp-over-dns is a client-server tunneling tool that encapsulates TCP traffic inside DNS queries and responses to bypass firewall rules that block most ports but allow DNS.

Common mistakes.

  • B. Kismet is a passive wireless network detector and sniffer used for Wi-Fi reconnaissance, not a client-server firewall evasion tool.
  • C. Nikto is a web server vulnerability scanner that actively probes HTTP/HTTPS services, not a tool designed for firewall tunneling or evasion.
  • D. hping is a packet crafting and network testing utility used to craft custom TCP/IP packets, not a client-server tool for tunneling traffic to evade firewalls.

Concept tested. DNS tunneling for firewall evasion

Reference. https://owasp.org/www-community/attacks/DNS_Rebinding

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-50V9 Practice