Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free ECCouncil 312-50v13 Practice Exam with Questions & Answers

Questions 1

A penetration tester identifies malware on a system that hides its presence and gives an attacker access to administrative functions without being detected. What type of malware is this?

Options:
A.

Virus

B.

Keylogger

C.

Ransomware

D.

Rootkit

ECCouncil 312-50v13 Premium Access
Questions 2

In the vibrant startup scene of Austin, Texas, ethical hacker Daniel Ruiz is hired by TechNexus, a U.S.-based logistics software provider, to evaluate their internal administration portal. During testing, Daniel observes that certain input fields forward user-supplied data directly to underlying system functions. By carefully crafting his entries, he is able to trigger execution of unexpected system commands, resulting in unauthorized control over the operating environment. His findings reveal that the flaw stems from poor validation of input processed by system-level functions.

Which vulnerability is Daniel most likely demonstrating?

Options:
A.

Shell Injection

B.

LDAP Injection

C.

SQL Injection

D.

Cross-Site Scripting (XSS)

Questions 3

The establishment of a TCP connection involves a negotiation called three-way handshake. What type of message does the client send to the server in order to begin this negotiation?

Options:
A.

RST

B.

ACK

C.

SYN-ACK

D.

SYN

Questions 4

Which advanced evasion technique poses the greatest challenge to detect and mitigate?

Options:
A.

Covert channel communication using IP header fields

B.

Honeypot spoofing

C.

Polymorphic malware

D.

Packet fragmentation evasion

Questions 5

Joe, a cybersecurity analyst at XYZ-FinTech, has been assigned to perform a quarterly vulnerability assessment across the organization ' s Windows-based servers and employee workstations. His objective is to detect issues such as software configuration errors, incorrect registry or file permissions, native configuration table problems, and other system-level misconfigurations. He is instructed to log into each system using valid credentials to ensure comprehensive data collection. Based on this assignment, which type of vulnerability scanning should Joe perform?

Options:
A.

Application Scanning

B.

Host-based Scanning

C.

Network-based Scanning

D.

External Scanning

Questions 6

Why is using Google Hacking justified during passive footprinting?

Options:
A.

Identifying weaknesses in website source code

B.

Locating phishing sites mimicking the organization

C.

Mapping internal network structures

D.

Discovering hidden organizational data indexed by search engines

Questions 7

A web application returns generic error messages. The analyst submits AND 1=1 and AND 1=2 and observes different responses. What type of injection is being tested?

Options:
A.

UNION-based SQL injection

B.

Error-based SQL injection

C.

Boolean-based blind SQL injection

D.

Time-based blind SQL injection

Questions 8

What does a NULL scan send?

Options:
A.

No flags set

B.

SYN packet

C.

ACK packet

D.

RST packet

Questions 9

During a red team simulation at a bank in Chicago, Illinois, the SOC team suspects that some of the incoming traffic may be spoofed. To verify this, an analyst begins monitoring the sequence values assigned to packets, looking for irregularities that indicate they were not generated by the legitimate source. Which spoofing detection technique is the analyst using?

Options:
Questions 10

An attacker places a malicious VM on the same physical server as a target VM in a multi-tenant cloud environment. The attacker then extracts cryptographic keys using CPU timing analysis. What type of attack was conducted?

Options:
A.

Side-channel attack

B.

Cloud cryptojacking

C.

Cache poisoned denial of service (CPDoS)

D.

Metadata spoofing

Questions 11

A financial services firm is experiencing a sophisticated DoS attack on their DNS servers using DNS amplification and on their web servers using HTTP floods. Traditional firewall rules and IDS are failing to mitigate the attack effectively. To protect their infrastructure without impacting legitimate users, which advanced mitigation strategy should the firm implement?

Options:
A.

Increase server capacity and implement simple rate limiting

B.

Block all incoming traffic from suspicious IP ranges using access control lists

C.

Deploy a Web Application Firewall (WAF) to filter HTTP traffic

D.

Utilize a cloud-based DDoS protection service with traffic scrubbing capabilities

Questions 12

You are instructed to perform a TCP NULL scan. In the context of TCP NULL scanning, which response indicates that a port on the target system is closed?

Options:
A.

ICMP error message

B.

TCP SYN/ACK packet

C.

No response

D.

TCP RST packet

Questions 13

You are part of the red team assigned to evaluate the physical and social vulnerabilities of a government contractor’s office located in a metropolitan business hub. During your pretexting phase, you decide to simulate the role of a third-party IT technician.

Upon arrival, the receptionist allows you entry without verification, assuming you are there for scheduled printer maintenance. While moving through the workspace, you casually observe open terminals, unattended printouts, and discarded sticky notes at workstations. You later report several user credentials and partial access details acquired during this visit.

Which social engineering technique does this scenario best illustrate?

Options:
A.

Shoulder Surfing

B.

Eavesdropping

C.

Impersonation

D.

Dumpster Diving

Questions 14

A malware analyst finds JavaScript and /OpenAction keywords in a suspicious PDF using pdfid. What should be the next step to assess the potential impact?

Options:
A.

Upload the file to VirusTotal

B.

Extract and analyze stream objects using PDFStreamDumper

C.

Compute file hashes for signature matching

Questions 15

As a cybersecurity professional at XYZ Corporation, you are tasked with investigating anomalies in system logs that suggest potential unauthorized activity. System administrators have detected repeated failed login attempts on a critical server, followed by a sudden surge in outbound data traffic. These indicators suggest a possible compromise. Given the sensitive nature of the system and the sophistication of the threat, what should be your initial course of action?

Options:
A.

Conduct real-time monitoring of the server, analyze logs for abnormal patterns, and identify the nature of the activity to formulate immediate countermeasures.

B.

Conduct a comprehensive audit of all outbound traffic and analyze destination IP addresses to map the attacker’s network.

C.

Immediately reset all server credentials and instruct all users to change their passwords.

D.

Immediately disconnect the affected server from the network to prevent further data exfiltration.