EC-Council Certified Security Analyst (ECSA v10) — Question 10
Depp Networks is a leader in providing ethical hacking services. They were tasked to examine the strength of a client network. After using a wide range of tests, they finally zeroed in on ICMP tunneling to bypass the firewall.
What factor makes ICMP tunneling appropriate to bypass the firewall?
Answer options
- A. Deep packet inspection
- B. Firewalls can not inspect ICMP packets
- C. Firewalls can not handle the fragmented packets
- D. The payload portion is arbitrary and not examined by most firewalls
Correct answer: D
Explanation
ICMP tunneling is effective for bypassing firewalls because the payload is often arbitrary and many firewalls do not examine it closely, allowing it to pass through undetected. Options A and B are incorrect as some firewalls can perform deep packet inspection and analyze ICMP packets. Option C is also misleading, as while fragmentation can be an issue, it is not the primary reason ICMP tunneling is successful.