GCIH Question #458: Real Exam Question with Answer & Explanation

The correct answer is C: Proxy based server. External network mapping tools often rely on TTL values and ICMP messages. Using a proxy server instead of a packet filter can foil these types of reconnaissance. Proxies are an end point of the connection; the packets are not forwarded, so their life ends upon reaching the proxy

Reconnaissance, Scanning, and Enumeration

Question

Which of the following could help prevent the threat of an external entity mapping a network's internal systems and filtering rules?

Options

AIPSec
BGateway anti-virus
CProxy based server
DDNSSEC

Explanation

External network mapping tools often rely on TTL values and ICMP messages. Using a proxy server instead of a packet filter can foil these types of reconnaissance. Proxies are an end point of the connection; the packets are not forwarded, so their life ends upon reaching the proxy, skewing the TTL values. IPSec, DNSSEC, and Gateway antivirus don't prevent these types of attacks.

Topics

#network mapping defense#proxy server#internal topology concealment#reconnaissance countermeasure

Community Discussion

No community discussion yet for this question.

Full GCIH Practice