Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free ECCouncil 312-50v13 Practice Exam with Questions & Answers | Set: 13

Questions 181

A global media streaming platform experiences traffic surges every 10 minutes, with spikes over 300 Gbps followed by quiet intervals. Which DDoS attack explains this behavior?

Options:
A.

UDP flood sustained attack

B.

Recursive HTTP GET flood

C.

Permanent DoS (PDoS)

D.

Pulse Wave attack

ECCouncil 312-50v13 Premium Access
Questions 182

A Java app uses Random() for session tokens. What is the risk?

Options:
A.

Session fixation

B.

XSS

C.

Predictable tokens

D.

CSRF

Questions 183

While analyzing suspicious network activity, you observe a slow, stealthy scanning technique that is difficult to trace back to the attacker. Which scenario best describes the scanning technique being used?

Options:
A.

The attacker sends FIN packets to infer port states based on responses

B.

The attacker uses a “zombie” machine to perform scans, hiding their true identity

C.

The attacker performs full TCP connect scans on all ports

D.

The attacker sends packets with all TCP flags set

Questions 184

A major financial institution is experiencing persistent DoS attacks against online banking, disrupting transactions. Which sophisticated DoS technique poses the greatest challenge to detect and mitigate effectively, potentially jeopardizing service availability?

Options:
A.

A synchronized Layer 3 Smurf attack flooding routers with ICMP echo requests

B.

A distributed SQL injection attack against online banking database servers causing resource exhaustion

C.

A zero-day buffer overflow exploit against the web server causing service unavailability via RCE

D.

A coordinated UDP flood targeting authoritative DNS servers to disrupt domain resolution

Questions 185

A penetration tester is attempting to gain access to a wireless network that is secured with WPA2 encryption. The tester successfully captures the WPA2 handshake but now needs to crack the pre-shared key. What is the most effective method to proceed?

Options:
A.

Perform a brute-force attack using common passwords against the captured handshake

B.

Use a dictionary attack against the captured WPA2 handshake to crack the key

C.

Execute a SQL injection attack on the router ' s login page

D.

Conduct a de-authentication attack to disconnect all clients from the network

Questions 186

A red team operator wants to obtain credentials from a Windows machine without touching LSASS memory due to security controls and Credential Guard. They use SSPI to generate NetNTLM responses in the logged-in user context and collect those responses for offline cracking. Which attack technique is being used?

Options:
A.

Internal Monologue attack technique executed through OS authentication protocol manipulations

B.

Replay attack attempt by reusing captured authentication traffic sequences

C.

Hash injection approach using credential hashes for authentication purposes

D.

Pass-the-ticket attack method involving forged tickets for network access

Questions 187

When referring to the domain name service, what is a zone?

Options:
A.

A collection of domains

B.

The zone namespace

C.

A collection of alias records

D.

A collection of resource records

Questions 188

You are Liam Chen, an ethical hacker at CyberGuard Analytics, hired to test the social engineering defenses of Coastal Trends, a retail chain in Los Angeles, California. During a covert assessment, you craft a deceptive message sent to the employees’ company phones, claiming a critical account update is needed and directing them to a link that installs monitoring software. Several employees interact with the link, exposing a vulnerability to a specific mobile attack vector. Based on this approach, which mobile attack type are you simulating?

Options:
A.

Bluebugging

B.

SMS Phishing

C.

Call Spoofing

D.

OTP Hijacking

Questions 189

During a red team assessment, an ethical hacker must map a large multinational enterprise’s external attack surface. Due to strict rules of engagement, no active scans may be used. The goal is to identify publicly visible subdomains to uncover forgotten or misconfigured services. Which method should the ethical hacker use to passively enumerate the organization’s subdomains?

Options:
A.

Leverage tools like Netcraft or DNSdumpster to gather subdomain information

B.

Attempt to guess admin credentials and access the company’s DNS portal

C.

Conduct a brute-force DNS subdomain enumeration

D.

Request internal DNS records using spoofed credentials

Questions 190

A penetration tester is mapping a Windows-based internal network. The tester notices that TCP port 139 and UDP port 137 are open on multiple systems. File and printer sharing is enabled. To retrieve hostnames, user details, and domain roles without triggering alerts, which tool and method would be most effective?

Options:
A.

Perform LDAP enumeration via anonymous bind

B.

Use pspasswd to change remote passwords

C.

Run nbtstat -A to query the NetBIOS name table

D.

Use psloggedon to retrieve remote login sessions

Questions 191

During an external security review of a manufacturing firm in Detroit, Michigan, you ' re asked to prioritize patch baselines for internet-facing servers without logging in or establishing full sessions. To achieve this, you analyze network-level responses and capture application output in order to determine the underlying system and its software release. Which technique best fits this objective?

Options:
A.

Service Version Discovery

B.

Port Scanning

C.

OS Discovery

D.

Vulnerability Scanning

Questions 192

Fleet vehicles with smart locking systems were compromised after attackers captured unique signals from key fobs. What should the security team prioritize to confirm and prevent this attack?

Options:
A.

Secure firmware updates

B.

Increase physical surveillance

C.

Deploy anti-malware on smartphones

D.

Monitor wireless signals for jamming or interference

Questions 193

As part of a controlled red-team engagement, an ethical hacker evaluates the resilience of a corporate campus against radio-frequency disruption. The tester activates a portable multi-antenna signal suppression device from a nearby building.

The interference affects wireless communication across several departments within an estimated coverage radius of approximately 120 meters. The disruption persists for slightly over an hour before the device requires recharge. Analysis confirms that multiple frequency bands, including Wi-Fi and cellular standards, were simultaneously impacted.

Based on the operational characteristics observed, identify the jamming device most consistent with this activity.

Options:
A.

PCB-1016 Jammer

B.

CPB-2612H-5G Jammer

C.

CPB-2920 Jammer

D.

PCB-4510 Jammer

Questions 194

A network administrator reviews logs and observes that an attacker sends packets requesting the target system’s internal clock value. The response includes timing information that can be used to calculate round-trip delay and analyze host characteristics.

What host discovery technique is being used in this scenario?

Options:
A.

UDP Ping Scan

B.

ICMP Echo Ping Sweep

C.

IP Protocol Scan

D.

ICMP Timestamp Ping Scan

Questions 195

A vulnerability has a score of 9.8. What does this rating help explain?

Options:
A.

It quantifies impact and exploitability to prioritize remediation

B.

It measures authentication errors

C.

It generates exploit payloads

D.

It classifies attacks qualitatively