GIAC
GCIH · Question #501
Which of the following will best protect your network from being mapped by untrusted, external sources, while still allowing trusted sources to verify network connectivity with ping requests and repli
Sign in or unlock GCIH to reveal the answer and full explanation for question #501. The question stem and answer options stay visible for context.
Reconnaissance, Scanning, and Enumeration
Question
Which of the following will best protect your network from being mapped by untrusted, external sources, while still allowing trusted sources to verify network connectivity with ping requests and replies?
Options
- AUse settings on a network mapping tool to limit inbound ICMP and protect your network
- BEstablish an IDS on the DMZ to alert on all inbound ICMP requests
- CShut down ICMP and traceroute on your internal servers
- DFilter ICMP at the perimeter, allowing ICMP only from trusted sources
Unlock GCIH to see the answer
You've previewed enough free GCIH questions. Unlock GCIH for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#ICMP filtering#perimeter security#network mapping defense#trusted sources