GIAC Certified Incident Handler (GCIH) — Question 154

To defend against network mapping, which of the following packets should be denied at the border router?

Answer options

• A. Outgoing ICMP Port Unreachable messages
• B. Outgoing ICMP Echo Request messages
• C. Incoming ICMP Time Exceeded messages
• D. Incoming ICMP Echo Request messages

Correct answer: A

Explanation

Denying outgoing ICMP Port Unreachable messages helps prevent attackers from gaining information about the network structure and open ports, which is essential for network mapping. The other options either allow responses that could aid in mapping or do not provide significant information to potential attackers.