Which hping3 command includes a TCP timestamp option to test firewall behavior?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which hping3 command includes a TCP timestamp option to test firewall behavior?

Explanation:
Testing how a firewall handles TCP options by sending a packet that includes the TCP timestamp option. The TCP timestamp is one of the optional fields in the TCP header; enabling it with the timestamp option lets you see whether the firewall allows that option through or strips/filters it, which is a common security device behavior to scrutinize. When you combine this option with a SYN to a service port, you simulate a normal connection attempt while explicitly requesting the timestamp to be carried in the packet. The best command uses a SYN to a target on port 80 and includes the TCP timestamp option, ensuring the test actually exercises the TCP header options rather than just sending a basic TCP packet or an ICMP/other-type probe. The other commands do not enable or involve the TCP timestamp option, so they don’t reliably test how the firewall handles TCP options.

Testing how a firewall handles TCP options by sending a packet that includes the TCP timestamp option. The TCP timestamp is one of the optional fields in the TCP header; enabling it with the timestamp option lets you see whether the firewall allows that option through or strips/filters it, which is a common security device behavior to scrutinize. When you combine this option with a SYN to a service port, you simulate a normal connection attempt while explicitly requesting the timestamp to be carried in the packet.

The best command uses a SYN to a target on port 80 and includes the TCP timestamp option, ensuring the test actually exercises the TCP header options rather than just sending a basic TCP packet or an ICMP/other-type probe. The other commands do not enable or involve the TCP timestamp option, so they don’t reliably test how the firewall handles TCP options.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy