0
Here's a sample question from a GIAC certification test. It demonstrates why such tests suck.
The important deep knowledge you should know about
traceroute how it send packets with increasing TTLs to trace the route.
But that's not what the question is asking. Instead, it's asking superfluous information about the default behavior, namely about Linux defaults. It's a trivia test, not a knowledge test. If you've recently studied the subject, your course book probably tells you that Linux traceroute defaults to UDP packets on transmit. So, those who study for the test will do well on the question.
But those with either a lot of deep knowledge or practical experience will find this question harder. Windows and Linux use different defaults (Windows uses ICMP ECHOs, Linux uses UDP). Personally, I'm not sure which is which (well, I am now, 'cause I looked it up, but I'm likely to forget it again soon, because it's a relatively unimportant detail).
Those with deep learning have another problem with the word "protocol". This question uses "protocol" in one sense, where only UDP, TCP, and ICMP are valid "protocols".
But the word can be used in another sense, where "Echo" and "TTL" are also
Continue reading