Certified Ethical Hacker (CEH v12) — Question 184

A penetration tester was assigned to scan a large network range to find live hosts. The network is known for using strict TCP filtering rules on its firewall, which may obstruct common host discovery techniques. The tester needs a method that can bypass these firewall restrictions and accurately identify live systems. What host discovery technique should the tester use?

Answer options

• A. ICMP Timestamp Ping Scan
• B. ICMP ECHO Ping Scan
• C. TCP SYN Ping Scan
• D. UDP Ping Scan

Correct answer: D

Explanation

The correct answer is D, UDP Ping Scan, as it can bypass strict TCP filtering by using UDP packets, which are often less restricted by firewalls. Options A and B involve ICMP, which may be blocked by the firewall, while option C uses TCP, which is likely to be filtered out, making them ineffective for this scenario.