XK0-005 · Question #1167
XK0-005 Question #1167: Real Exam Question with Answer & Explanation
The correct answer is A: tcpdump. {"question_number": 8, "question": "Confirming that setting ip_default_ttl to 0 keeps traffic within the local subnet", "correct_answer": "A, B", "explanation": "Setting /proc/sys/net/ipv4/ip_default_ttl to 0 causes outgoing packets to have a TTL of 0, meaning any router that rec
Question
A technician wants to secure a sensitive workstation by ensuring network traffic is kept within the local subnet. To accomplish this task, the technician executes the following command: echo 0 > /proc/sys/net/ipv4/ip_default_ttl Which of the following commands can the technician use to confirm the expected results? (Choose two.)
Options
- Atcpdump
- Btraceroute
- Croute
- Diperf
- Eip
- Farp
Explanation
{"question_number": 8, "question": "Confirming that setting ip_default_ttl to 0 keeps traffic within the local subnet", "correct_answer": "A, B", "explanation": "Setting /proc/sys/net/ipv4/ip_default_ttl to 0 causes outgoing packets to have a TTL of 0, meaning any router that receives them will discard them (routers decrement TTL and drop packets that reach 0), effectively preventing traffic from leaving the local subnet. To CONFIRM this behavior: (A) tcpdump captures live network traffic on an interface - you can verify packets are being sent but not traversing beyond the local network by observing that no return traffic arrives from remote hosts; (B) traceroute probes the path packets take hop by hop - with TTL=0 you will see that packets fail to reach even the first router, confirming they cannot leave the local subnet. Options C (route) and E (ip) show routing table information but do not confirm actual packet behavior. Option D (iperf) tests bandwidth and option F (arp) shows Layer 2 address resolution - neither confirms TTL-based containment.", "generated_by": "claude-sonnet", "llm_judge_score": 3}
Topics
Community Discussion
No community discussion yet for this question.