Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free ECCouncil 312-50v13 Practice Exam with Questions & Answers | Set: 15

Questions 211

As a newly appointed network security analyst, you are tasked with ensuring that the organization’s network can detect and prevent evasion techniques used by attackers. One commonly used evasion technique is packet fragmentation, which is designed to bypass intrusion detection systems (IDS). Which IDS configuration should be implemented to effectively counter this technique?

Options:
A.

Implementing an anomaly-based IDS that can detect irregular traffic patterns caused by packet fragmentation.

B.

Adjusting the IDS to recognize regular intervals at which fragmented packets are sent.

C.

Configuring the IDS to reject all fragmented packets to eliminate the risk.

D.

Employing a signature-based IDS that recognizes the specific signature of fragmented packets.

ECCouncil 312-50v13 Premium Access
Questions 212

During a security assessment at Apex Technologies in Austin, Texas, the cybersecurity team identifies a high risk of social engineering attacks, including phishing, vishing, and baiting, targeting employees across departments. To strengthen defenses, the team plans to implement a countermeasure to reduce the likelihood of employees disclosing sensitive information. Which of the following countermeasures should Apex Technologies prioritize to mitigate the risk of social engineering attacks?

Options:
A.

Conduct security awareness and training programs

B.

Employees must verify the identity of individuals requesting information

C.

Use two-factor authentication

D.

Establish policies and procedures for handling sensitive information

Questions 213

A tester evaluates a login form that constructs SQL queries using unsanitized user input. By submitting 1 OR ' T ' = ' T ' ; --, the tester gains unauthorized access to the application. What type of SQL injection has occurred?

Options:
A.

Tautology-based SQL injection

B.

Error-based SQL injection

C.

Union-based SQL injection

D.

Time-based blind SQL injection

Questions 214

During a code review at a defense technology contractor in Virginia, penetration tester Lucas identifies that a newly deployed payroll application encrypts sensitive employee data using a weak custom algorithm. In addition, its session validation logic allows certain requests to bypass access controls altogether. These oversights are traced back to flawed system logic and poor encryption design decisions made during the development phase.

Which vulnerability category BEST describes the issue Lucas discovered?

Options:
A.

Design Flaws

B.

Application Flaws

C.

Misconfigurations/Weak Configurations

D.

Poor Patch Management

Questions 215

During a penetration test, you perform extensive DNS interrogation to gather intelligence about a target organization. Considering the inherent limitations of DNS-based reconnaissance, which of the following pieces of information cannot be directly obtained through DNS interrogation?

Options:
A.

The specific usernames and passwords used by the organization’s employees.

B.

The estimated geographical location of the organization’s servers derived from IP addresses.

C.

The subdomains associated with the organization’s primary internet domain.

D.

The IP addresses associated with the organization’s mail servers.

Questions 216

Which of the following hacking frameworks describes adversary tactics, techniques, and procedures (TTPs) used in cyberattacks?

Options:
A.

NIST CSF 2.0

B.

ISSF

C.

MITRE ATT & CK

D.

ISC 28901

Questions 217

As part of a cybersecurity assessment for a healthcare provider in Denver, Colorado, you are asked to recommend a framework that addresses how organizations should identify, assess, and treat information security risks as part of their ISMS. Which international standard best meets this requirement?

Options:
A.

ISO/IEC 27701:2019

B.

ISO/IEC 27002:2022

C.

ISO/IEC 27005:2022

D.

ISO/IEC 27001:2022

Questions 218

On 10th of July this year, during a security penetration test at IntelliCore Systems in Raleigh, North Carolina, the ethical hacking team evaluates the stability of the company’s file-sharing server. Sofia crafts and transmits a sequence of oversized, malformed packets designed to test how the server handles unexpected input. Shortly after, the system begins crashing intermittently due to processing failures triggered by these anomalous network requests. The security team onsite is tasked with identifying the root cause behind the packet-induced instability and attributing it to a known DoS tactic.

Which of the following best explains the technique Sofia used to trigger the server crashes?

Options:
A.

ICMP Flood Attack

B.

Ping of Death PoD

C.

Smurf Attack

D.

ACK Flood Attack

Questions 219

During a red team assessment of a multinational financial firm, you ' re tasked with identifying key personnel across various departments and correlating their digital footprints to evaluate exposure risk. Your objective includes mapping user aliases across platforms, identifying geotagged media, and pinpointing potential insider threats based on social posting behavior. The team has shortlisted multiple tools for the task.

Considering the technical capabilities and limitations described in the approved reconnaissance toolkit, which tool provides cross-platform username correlation by scanning hundreds of social networking sites, but does not natively support geolocation tracking or visualizing identity relationships?

Options:
A.

Creepy

B.

Social Searcher

C.

Maltego

D.

Sherlock

Questions 220

During a physical penetration test at Sterling Electronics in Cleveland, ethical hacker Priya waits near the employee entrance during a shift change. When a group of staff enters the building using their access cards, Priya closely follows behind without swiping her own badge. None of the employees confront her, assuming she belongs there. Once inside, Priya proceeds to the break area where she documents the success of the exercise.

Which social engineering technique is Priya demonstrating?

Options:
A.

Shoulder Surfing

B.

Dumpster Diving

C.

Tailgating

D.

Piggybacking

Questions 221

A penetration tester finds that a web application does not properly validate user input and is vulnerable to reflected Cross-Site Scripting (XSS). What is the most appropriate approach to exploit this vulnerability?

Options:
A.

Perform a brute-force attack on the user login form to steal credentials

B.

Embed a malicious script in a URL and trick a user into clicking the link

C.

Inject a SQL query into the search form to attempt SQL injection

D.

Use directory traversal to access sensitive files on the server

Questions 222

Javier Ruiz from CyberFortress Solutions is tasked with auditing the mobile security practices of Apex Financial Services, a financial firm in Houston, Texas. During a covert penetration test, Javier targets employees ' personal smartphones used to access corporate financial systems. He exploits a vulnerability by installing a malicious app that bypasses access controls, granting him unauthorized entry to sensitive financial data because the devices lack a specific security measure to restrict app access. Based on this vulnerability, which BYOD security guideline is most likely missing in Apex Financial Services ' policy?

Options:
A.

Review permissions requested by apps before installing them

B.

Set passwords for apps to restrict others from accessing them

C.

Enforce automatic device locking or implement biometric authentication

D.

Use encryption mechanisms to store data

Questions 223

A penetration tester performs a vulnerability scan on a company ' s network and identifies a critical vulnerability related to an outdated version of a database server. What should the tester prioritize as the next step?

Options:
A.

Attempt to exploit the vulnerability using publicly available tools or exploits

B.

Conduct a brute-force attack on the database login page

C.

Ignore the vulnerability and move on to testing other systems

D.

Perform a denial-of-service (DoS) attack on the database server

Questions 224

A U.S.-based online securities trading firm in New York is reviewing its transaction authentication process. The security team confirms that each transaction is processed by first generating a hash of the transaction data. The hash value is then signed using the sender ' s private key. During verification, the recipient uses the corresponding public key to validate the signature before approving the transaction. The system documentation specifies that the same algorithm supports encryption, digital signatures, and key exchange mechanisms within the organization ' s secure communications infrastructure. Which encryption algorithm is being used in this implementation?

Options:
A.

ElGamal

B.

Diffie-Hellman

C.

DSA

D.

RSA

Questions 225

A penetration tester discovers that a system is infected with malware that encrypts all files and demands payment for decryption. What type of malware is this?

Options:
A.

Worm

B.

Spyware

C.

Keylogger

D.

Ransomware