Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free ECCouncil 312-50v13 Practice Exam with Questions & Answers | Set: 3

Questions 31

Infected systems receive external instructions over HTTP and DNS, with fileless payloads modifying system components. What is the most effective action to detect and disrupt this malware?

Options:
A.

Update antivirus signatures regularly

B.

Allow only encrypted traffic via proxies

C.

Block common malware ports

D.

Use behavioral analytics to monitor abnormal outbound behavior

ECCouncil 312-50v13 Premium Access
Questions 32

_____ is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

Options:
A.

Resource transfer

B.

Resource records

C.

DNSSEC

D.

Zone transfer

Questions 33

During a security assessment of an internal network, a penetration tester discovers that UDP port 123 is open, indicating that the NTP service is active. The tester wants to enumerate NTP peers, check synchronization status, offset, and stratum levels. Which command should the tester use?

Options:
A.

ntpdc

B.

ntpq

C.

ntptrace

D.

ntpdate

Questions 34

You have gone to an organization’s website to gather information, such as employee names, email addresses, and phone numbers. Which step of the hacker’s methodology does this correspond to?

Options:
A.

Fingerprinting

B.

Reconnaissance

C.

Scanning and enumeration

D.

Gaining access

Questions 35

Which payload is most effective for testing time-based blind SQL injection?

Options:
A.

AND 1=0 UNION ALL SELECT ' admin ' , ' admin

B.

UNION SELECT NULL, NULL, NULL --

C.

OR ' 1 ' = ' 1 ' ;

D.

AND BENCHMARK(5000000,ENCODE( ' test ' , ' test ' ))

Questions 36

Amid the vibrant buzz of Miami’s digital scene, ethical hacker Sofia Alvarez embarks on a mission to fortify the web server of Sunshine Media’s streaming platform. Diving into her security assessment, Sofia sends a meticulously crafted GET / HTTP/1.0 request to the server, scrutinizing its response. The server obligingly returns headers exposing its software version and operating system, a revelation that could empower malicious actors to tailor their attacks. Committed to bolstering the platform’s defenses, Sofia documents her findings to urge the security team to address this exposure.

What approach is Sofia using to expose the vulnerability in Sunshine Media’s web server?

Options:
A.

Information Gathering from Robots.txt File

B.

Vulnerability Scanning

C.

Directory Brute Forcing

D.

Web Server Footprinting Banner Grabbing

Questions 37

During a penetration test at an e-commerce company in Boston, ethical hacker Sophia launches an HTTP flood against the checkout page of the site. The simulated traffic consists of repeated GET and POST requests designed to overload application-layer resources. In response, the IT team activates a security tool that inspects and filters malicious HTTP traffic while allowing legitimate customer requests to pass, ensuring service continuity during the exercise.

Which DoS/DDoS protection tool is most likely being used in this scenario?

Options:
A.

Load Balancer

B.

Web Application Firewall

C.

Intrusion Prevention System

D.

Firewall

Questions 38

A penetration tester is tasked with identifying vulnerabilities on a web server running outdated software. The server hosts several web applications and is protected by a basic firewall. Which technique should the tester use to exploit potential server vulnerabilities?

Options:
A.

Conduct a SQL injection attack on the web application ' s login form

B.

Perform a brute-force login attack on the admin panel

C.

Execute a buffer overflow attack targeting the web server software

D.

Use directory traversal to access sensitive configuration files

Questions 39

During a scheduled security review in a high-tech lab in Austin, Texas, penetration tester Lucas Bennett was assessing a state government’s new payroll system hosted in a private cloud. One humid afternoon, while fuzz testing the input validation logic of the TaxCalcEngine.dll module, he triggered a buffer overflow by submitting malformed taxpayer ID strings. The crash led to unintended disclosure of payroll data due to unchecked data boundaries. Lucas traced the issue to a coding oversight in a core processing module. Applying a structured analysis approach, which category best describes the vulnerability he discovered?

Options:
A.

Application Flaws

B.

Poor Patch Management

C.

Misconfigurations Weak Configurations

D.

Design Flaws

Questions 40

A company’s online service is under a multi-vector DoS attack using SYN floods and HTTP GET floods. Firewalls and IDS cannot stop the outage. What advanced defense should the company implement?

Options:
A.

Configure the firewall to block all incoming SYN packets from external IPs

B.

Use DDoS mitigation services that offer multi-layer protection

C.

Deploy a Web Application Firewall (WAF) with anomaly detection

D.

Increase server bandwidth and apply basic rate limiting

Questions 41

You are a cybersecurity consultant at FortiSec, advising DesertTech Innovations in Phoenix, Arizona. The company wants to modernize its Wi-Fi so that even if an attacker obtains a captured handshake or a weak passphrase, they cannot perform offline dictionary attacks or recover session keys; management also wants stronger, per-session encryption and protection for IoT devices without relying on a single shared password.

Which wireless security measure should DesertTech implement to meet these goals?

Options:
A.

MAC Address Filtering

B.

Use 802.1X Authentication

C.

Upgrade to WPA3

D.

Disable TKIP

Questions 42

A penetration tester is assessing the security of a corporate wireless network that uses WPA2-Enterprise encryption with RADIUS authentication. The tester wants to perform a man-in-the-middle attack by tricking wireless clients into connecting to a rogue access point. What is the most effective method to achieve this?

Options:
A.

Set up a fake access point with the same SSID and use a de-authentication attack

B.

Use a brute-force attack to crack the WPA2 encryption directly

C.

Perform a dictionary attack on the RADIUS server to retrieve credentials

D.

Execute a Cross-Site Scripting (XSS) attack on the wireless controller ' s login page

Questions 43

During a black-box penetration test, an attacker runs the following command:

nmap -p25 --script smtp-enum-users --script-args EXPN,RCPT < target IP >

The script successfully returns multiple valid usernames. Which server misconfiguration is being exploited?

Options:
A.

The SMTP server allows authentication without credentials

B.

The SMTP server has disabled STARTTLS, allowing plaintext enumeration

C.

SMTP user verification commands are exposed without restrictions

D.

DNS MX records point to an internal mail relay

Questions 44

A security consultant is conducting an authorized assessment for a healthcare billing provider in Phoenix, Arizona. While monitoring internal traffic, he observes an authenticated employee interacting with a sensitive web-based management portal over TCP.

During the session, the consultant carefully crafts and injects packets into the ongoing communication stream. Shortly afterward, the legitimate user experiences irregular responses from the application, and the server begins processing commands originating from the consultant’s injected traffic as though they were part of the established session.

The technique does not involve credential guessing or forcing the user to reauthenticate. Instead, it targets the communication channel already in progress.

From a network-level perspective, what type of session hijacking technique is being demonstrated?

Options:
A.

UDP Hijacking

B.

RST Hijacking

C.

Blind Hijacking

D.

TCP/IP Hijacking

Questions 45

Which wireless attack captures handshake?

Options:
A.

Deauth

B.

Jamming

C.

Spoofing

D.

Replay