Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free ECCouncil 312-50v13 Practice Exam with Questions & Answers | Set: 10

Questions 136

You are investigating unauthorized access to a web application using token-based authentication. Tokens expire after 30 minutes. Server logs show multiple failed login attempts using expired tokens within a short window, followed by successful access with a valid token. What is the most likely attack scenario?

Options:
A.

The attacker captured a valid token before expiration and reused it

B.

The attacker brute-forced the token generation algorithm

C.

The attacker exploited a race condition allowing expired tokens to be validated

D.

The attacker performed a token replay attack that confused the server

ECCouncil 312-50v13 Premium Access
Questions 137

A healthcare technology company deploys internet-connected cardiac monitoring devices across several hospitals in Minneapolis, Minnesota. During a controlled security review, an analyst discovers that administrative configuration features can be accessed remotely through components that interact with external management platforms.

Further analysis reveals that these externally reachable components process user-supplied data without sufficient validation checks. Additionally, authentication controls protecting remote configuration features rely solely on basic credential verification without additional safeguards against automated misuse.

According to the OWASP Top 10 IoT Vulnerabilities, how should this weakness be classified?

Options:
A.

Insecure Ecosystem Interfaces

B.

Insecure Default Settings

C.

Insecure Network Services

D.

Lack of Device Management

Questions 138

You are Michael, an ethical hacker at a New York–based e-commerce company performing a security review of their payment-signing service. While observing the signing process (without access to private keys), you note the service generates a fresh random value for each signature operation, the signature algorithm uses modular arithmetic in a subgroup defined by public domain parameters, and signatures are verified with a public verification key rather than by decrypting the message. Which asymmetric algorithm best matches the signing mechanism you observed?

Options:
A.

DSA

B.

RSA

C.

Diffie-Hellman

D.

ElGamal

Questions 139

Which advanced session-hijacking technique is hardest to detect and mitigate?

Options:
A.

Covert XSS attack

B.

Man-in-the-Browser (MitB) attack

C.

Passive sniffing on Wi-Fi

D.

Session fixation

Questions 140

A penetration tester is testing a web application ' s product search feature, which takes user input and queries the database. The tester suspects inadequate input sanitization. What is the best approach to confirm the presence of SQL injection?

Options:
A.

Inject a script to test for Cross-Site Scripting (XSS)

B.

Input DROP TABLE products; -- to see if the table is deleted

C.

Enter 1 ' OR ' 1 ' = ' 1 to check if all products are returned

D.

Use directory traversal syntax to access restricted files on the server

Questions 141

During a penetration test at a healthcare facility in Baltimore, Maryland, an ethical hacker demonstrates how attackers are mapping active hosts and open ports using ICMP-based techniques. To reduce the organization’s exposure, the security team decides to implement a countermeasure that specifically disrupts ICMP discovery traffic by preventing error messages from being returned. Which action should they take?

Options:
A.

Use a custom rule set to lock down the network, block unwanted ports at the firewall, and filter specific ports

B.

Configure firewall and IDS rules to detect and block probes

C.

Block unwanted services running on the ports and update the service versions

D.

Block inbound ICMP message types and all outbound ICMP type 3 (Destination Unreachable) messages

Questions 142

A multinational company plans to deploy an IoT-based environmental control system across global manufacturing units. The security team must identify the most likely attack vector an Advanced Persistent Threat (APT) group would use to compromise the system. What is the most plausible method?

Options:
A.

Launching a DDoS attack to overload IoT devices

B.

Compromising the system using stolen user credentials

C.

Exploiting zero-day vulnerabilities in IoT device firmware

D.

Performing an encryption-based Man-in-the-Middle attack

Questions 143

Malware infecting multiple systems remains dormant until triggered and changes its code or encryption with each infection to evade detection. Which malware type best fits this description, and what is the most effective mitigation?

Options:
A.

Rootkit – use anti-rootkit tools and patch systems

B.

Adware – deploy anti-adware tools and train users

C.

Worm – isolate infected systems and scan the network

D.

Polymorphic malware – use behavior-based detection and ensure systems are patched

Questions 144

You are an ethical hacker at Sentinel Cyberworks, engaged to assess the wireless defenses of HarborTrust Bank in Portland, Oregon. During your assessment, the security team shows you a production system that continuously places selected APs into a passive scan mode, aggregates alarms from multiple wireless controllers into a central engine for forensic storage, and can automatically apply countermeasures (for example, time-sliced channel scanning and remote configuration changes) across the campus when it classifies a nearby device as malicious. Based on the described capabilities, which Wi-Fi security solution is this most consistent with?

Options:
A.

WatchGuard Wi-Fi Cloud WIPS

B.

RFProtect

C.

Fern WiFi Cracker

D.

Cisco Adaptive Wireless IPS

Questions 145

An organization lacks centralized logs. Which attack phase is hardest to detect?

Options:
A.

Lateral movement

B.

Recon

C.

Delivery

D.

Initial access

Questions 146

In a security assessment conducted in New York, Sarah, an ethical hacker, is evaluating a corporate network to enhance its protection against potential threats. She aims to gather essential data about available access points to guide her analysis. Which scanning technique should Sarah apply to meet this objective while adhering to the organization ' s ethical guidelines?

Options:
A.

Vulnerability Scanning

B.

Port Scanning

C.

Topology Mapping

D.

Network Scanning

Questions 147

What is the purpose of banner grabbing?

Options:
A.

Sniffing

B.

Cracking

C.

Identification

D.

Exploitation

Questions 148

In an enterprise environment, the network security team detects unusual behavior suggesting advanced sniffing techniques exploiting legacy protocols to intercept sensitive communications. Which of the following sniffing-related techniques presents the greatest challenge to detect and neutralize, potentially compromising confidential enterprise data?

Options:
A.

Steganographic payload embedding within SMTP email headers

B.

Encrypted data extraction via HTTP header field overflows

C.

Covert data interception via X2S packet fragmentation

D.

Covert channel establishment through Modbus protocol manipulation

Questions 149

Which attack abuses business logic?

Options:
A.

XSS

B.

Logic flaw

C.

CSRF

D.

SQLi

Questions 150

An attacker uses many plaintext–ciphertext pairs and applies statistical analysis to XOR combinations of specific bits. Which technique is being used?

Options:
A.

Brute-force attack

B.

Differential cryptanalysis

C.

Linear cryptanalysis

D.

Side-channel attack