Certified Ethical Hacker (CEH v10) — Question 141

The network in ABC company is using the network address 192.168.1.64 with mask 255.255.255.192. In the network the servers are in the addresses
192.168.1.122, 192.168.1.123 and 192.168.1.124.
An attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is: nmap 192.168.1.64/28
Why he cannot see the servers?

Answer options

• A. He needs to change the address to 192.168.1.0 with the same mask
• B. He needs to add the command ""ip address"" just before the IP address.
• C. He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range.
• D. The network must be down and the nmap command and IP address are ok

Correct answer: C

Explanation

The correct answer is C because the subnet mask /28 allows for a range of IP addresses from 192.168.1.64 to 192.168.1.79, which does not include the server addresses of 192.168.1.122, 192.168.1.123, and 192.168.1.124. Options A and B are incorrect because they do not address the range limitation of the scanning command. Option D is also incorrect as the network being down is not a necessary condition to explain the failure to detect the servers.