Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free ECCouncil 312-50v13 Practice Exam with Questions & Answers | Set: 7

Questions 91

Using nbtstat -A < IP > , NetBIOS names including < 20 > and < 03 > are retrieved, but shared folders cannot be listed. Why?

Options:
A.

File and printer sharing is disabled

B.

NetBIOS runs on a non-standard port

C.

nbtstat cannot enumerate shared folders

D.

The host is not in an AD domain

ECCouncil 312-50v13 Premium Access
Questions 92

During a red team assessment at a university in Chicago, Jake, a penetration tester, scans a group of older Windows workstations in the administration department. On several hosts, he notices traffic on UDP ports 137 and 138 as well as an open TCP port 139. Curious, he uses a utility to query the name table and session services. Within moments, he collects information including machine names, logged-in usernames, and available shared folders without authentication.

Which enumeration method is being demonstrated in this scenario?

Options:
A.

NFS Enumeration

B.

NetBIOS Enumeration

C.

SMB Enumeration

D.

SNMP Enumeration

Questions 93

Which technique is commonly used by attackers to evade firewall detection?

Options:
A.

Spoofing source IP addresses to appear trusted

B.

Using open-source operating systems

C.

Using encrypted communication channels

D.

Social engineering employees

Questions 94

During a routine security audit, administrators found that cloud storage backups were illegally accessed and modified. What countermeasure would most directly mitigate such incidents in the future?

Options:
A.

Deploying biometric entry systems

B.

Implementing resource auto-scaling

C.

Regularly conducting SQL injection testing

D.

Adopting the 3-2-1 backup model

Questions 95

During an authorized wireless security assessment, an ethical hacker captures traffic between client devices and a corporate access point to evaluate the strength of the implemented encryption mechanism. Packet analysis reveals that before protected data exchange begins, the client and access point complete a structured four-message key negotiation process. Subsequent traffic is encrypted using an AES-based counter mode protocol that integrates message authentication for integrity protection. Based on these observations, identify the wireless encryption standard deployed on the network.

Options:
A.

WEP

B.

WPA

C.

WPA2

D.

WPA3

Questions 96

Which strategy best mitigates session hijacking?

Options:
A.

IPsec VPN encryption

B.

Physical security

C.

Network IPS

D.

Security awareness training

Questions 97

A city utility billing portal in Raleigh, North Carolina includes a search field used to retrieve customer records. During an authorized penetration test, an assessor submits repeated instances of a character commonly interpreted within SQL statements as part of the input value.

The application does not display detailed error messages, yet certain submissions result in irregular response behavior and partial rendering of results. The tester suspects the input may be affecting how the SQL command is internally constructed.

Which black-box testing technique is being applied?

Options:
A.

Sending special characters to detect SQL modification behavior

B.

Sending arbitrary data to detect truncation issues

C.

Using right square bracket characters to detect identifier handling issues

D.

Sending isolated quotation characters to detect unsanitized input

Questions 98

An e-commerce platform hosted on a public cloud infrastructure begins to experience significant latency and timeouts. Logs show thousands of HTTP connections sending headers extremely slowly and never completing the full request. What DoS technique is most likely responsible?

Options:
A.

Slowloris holding web server connections

B.

Fragmentation flood attack

C.

UDP application-layer flooding

D.

SYN flood with spoofed source IPs

Questions 99

A cybersecurity team at a regional healthcare provider is conducting an internal red team exercise to assess their exposure to service enumeration attacks. Amanda, a senior penetration tester, is assigned to probe the internal network for services that may reveal usernames, group information, or system details without requiring prior authentication. She decides to target common services running on specific ports that are often misconfigured or loosely monitored. During her reconnaissance, Amanda identifies several open ports across various hosts and must now prioritize which ones to probe first for maximum information gain related to enumeration. Which of the following services should Amanda target as a priority to enumerate usernames and group information without authentication?

Options:
A.

TCP 139 and UDP 137, 138

B.

TCP 21 and UDP 137, 138

C.

TCP 23 and UDP 137, 138

D.

TCP 25 and UDP 133

Questions 100

Which advanced mobile attack is hardest to detect and mitigate?

Options:
A.

Mobile MitM

B.

Jailbreaking/Rooting

C.

Mobile Remote Access Trojan (RAT)

D.

Clickjacking

Questions 101

A penetration tester suspects that a web application ' s user profile page is vulnerable to SQL injection, as it uses the userID parameter in SQL queries without proper sanitization. Which technique should the tester use to confirm the vulnerability?

Options:
A.

Use the userID parameter to perform a brute-force attack on the admin login page

B.

Modify the userID parameter in the URL to ' OR ' 1 ' = ' 1 and check if it returns multiple profiles

C.

Inject HTML code into the userID parameter to test for Cross-Site Scripting (XSS)

D.

Attempt a directory traversal attack using the userID parameter

Questions 102

During a red team simul-ation, an attacker crafts packets with malformed checksums so the IDS accepts them but the target silently discards them. Which evasion technique is being employed?

Options:
A.

Insertion attack

B.

Polymorphic shellcode

C.

Session splicing

D.

Fragmentation attack

Questions 103

In the heart of Silicon Valley, California, network administrator Jake Henderson oversees the web infrastructure for TechTrend Innovations, a startup specializing in cloud solutions. During a routine architecture review, Jake evaluates the setup of their web server, which handles high-traffic API requests. He notes that the server’s primary module processes incoming requests and works with additional modules to manage encryption, URL rewriting, and authentication. Curious about the server’s design, Jake consults the documentation to ensure optimal performance and security.

Which web server component is Jake analyzing as part of TechTrend Innovations’ architecture?

Options:
A.

Virtual Document Tree

B.

Application Server

C.

Document Root

D.

HTTP Server Core

Questions 104

Maya Patel from SecureHorizon Consulting is investigating a breach at Dallas General Hospital in Texas after a nurse misplaced a smartphone containing patient management software. Although the device remained active on the network, administrators had no way to identify its physical whereabouts, delaying incident response and allowing sensitive medical records to be exposed for hours. Which mobile security guideline would have most directly reduced the impact of this incident?

Options:
A.

Use anti-virus and data loss prevention (DLP) solutions

B.

Utilize a secure VPN connection while accessing public Wi-Fi networks

C.

Install device tracking software that allows the device to be located remotely

D.

Register devices with a remote locate and wipe facility

Questions 105

In the hushed offices of Pinecrest Solutions in Denver, network security analyst Lisa Nguyen began a covert review of a recent spike in network access issues reported by the sales team. The trouble surfaced during a low-traffic period when agents couldn ' t reach their CRM system, prompting Lisa to examine the subnet logs. She spotted irregular IP assignment attempts linked to an unfamiliar device. Acting quickly, Lisa entered a series of commands on the Cisco switches and later confirmed that connectivity issues had ceased without any new devices appearing in the logs.

Which command did Lisa most likely use to address the issue?

Options:
A.

Switch(config)# ip dhcp snooping vlan 10

B.

Switch(config)# ip arp inspection vlan 10

C.

Switch(config)# ip dhcp snooping

D.

Switch(config-if)# switchport port-security