Examice

Exam N10-008 All QuestionsBrowse all questions from this exam

Question 505

An engineer is using a tool to run an ICMP sweep of a network to find devices that are online. When reviewing the results, the engineer notices a number of workstations that are currently verified as being online are not listed in the report.

The tool was configured to scan using the following information:

Network address: 172.28.16.0 -

CIDR: /22 -

The engineer collected the following information from the client workstation:

IP address: 172.28.17.206 -

Subnet mask: 255.255.252.0 -

Which of the following MOST likely explains why the tool is failing to detect some workstations?

The scanned network range is incorrect.

The subnet mask on the client is misconfigured.

The workstation has a firewall enabled.

The tool is unable to scan remote networks.

Correct Answer: C

The most likely reason the tool is failing to detect some workstations is that the workstations have a firewall enabled. Firewalls can block ICMP packets, which are used in ICMP sweeps to detect online devices. This would make the workstations appear offline or undetectable by the scanning tool, even though their network configuration and IP address fall within the correct range.

Discussion

El_CabronOption: C

Range is correct, so is subnet mask. So the only possible reason is the clients have firewall enabled and rejecting ICMP.

Cohort07

What would be considered the ip range?

El_Cabron

Given the lack of information in the question, I am assuming the IP scanner will scan from 172.28.16.0 subnet and beyond.

carloshernandez5018

I agree with option C. The usable range for a network that starts at 172.28.16.0 /22 is: 172.28.16.1 - 172.28.19.254 Remember that with an CIDR notation of /22 you have 1,024 of total IP addresses (-2 for the network ID and the broadcast).

testgokOption: C

According to ChatGPT v4 C. The workstation has a firewall enabled. The most likely reason for the tool failing to detect some workstations, despite having the correct network range and subnet mask, is that those workstations have a firewall enabled. Firewalls can be configured to block ICMP packets, making the workstations appear offline or undetectable during an ICMP sweep.

ukralukrop

According to gpt: Yes, either B or C could potentially explain why the tool is failing to detect some workstations. If the subnet mask on the client is misconfigured, it could result in the client being assigned an IP address outside of the range being scanned by the tool. On the other hand, if the workstations have a firewall enabled that is blocking ICMP packets, they may not respond to the ICMP sweep and be detected as offline by the tool.

b0bbyOption: C

This is a question that's meant for you to give the wrong answer. First you check that the subnet mask/CIDR is good and IP address falls into acceptable range. Then reread the question and notice ICMP being used. I think firewalls can block ICMP to prevent a DoS attack but that's not certain. So think C but examine D. D is technically also correct but I have to jump to the conclusion that that "devices" isn't really considered a workstation "verified as being online". So after all that the answer is C maybe still not certain about D but just playing the odds and hoping my English is good enough to understand the question.

JB1705Option: B

client subnet is wrong

MamalamaOption: C

contributors below have the correct information on why its C