Crucial Exams

Certified Ethical Hacker (CEH) Practice Question

While footprinting a target organization you have identified a publicly reachable host at 203.0.113.27. Before launching any active scans, you want to learn which other IP addresses are likely owned by the same company so you can plan a focused engagement. Which approach will most reliably reveal the entire CIDR netblock that has been allocated to this host without generating traffic toward additional target systems?

  • Perform a Whois query against the appropriate Regional Internet Registry to obtain the NetRange or CIDR information for 203.0.113.27.

  • Request the target domain's MX records from its authoritative DNS server to enumerate associated IP ranges.

  • Send an oversized ICMP timestamp request to the host and use the returned TTL values to calculate the size of the organization's subnet.

  • Run a UDP scan against port 7 (Echo) on the host to capture replies that disclose the subnet mask and network size.

Certified Ethical Hacker (CEH)
Reconnaissance Techniques
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot