As an IT security analyst, you perform network scanning using ICMP Echo Requests. During the scan, several IP addresses do not return Echo Replies, yet other network services remain operational. How should this situation be interpreted?
A.
The non-responsive IP addresses indicate severe network congestion.
B.
A firewall or security control is likely blocking ICMP Echo Requests.
C.
The lack of Echo Replies indicates an active security breach.
D.
The IP addresses are unused and available for reassignment.
The CEH Network Scanning module explains that ICMP Echo Requests are often filtered or blocked by firewalls, routers, or host-based security controls as a defensive measure to reduce reconnaissance exposure.
When systems fail to respond to ICMP Echo Requests but continue to function normally for other services, CEH indicates that this behavior typically means ICMP traffic is being blocked, not that the host is offline or compromised.
Option B is correct.
Option A would affect all services.
Option C lacks supporting indicators.
Option D is speculative and unreliable.
CEH emphasizes that ICMP filtering is common in hardened networks.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit