Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free ECCouncil 312-50v13 Practice Exam with Questions & Answers | Set: 8

Questions 106

At Redwood Financial Group in Boston, Massachusetts, the security leadership team is formalizing a continual security strategy composed of four coordinated activities. During implementation planning, one team is assigned responsibility for reviewing operational data across the enterprise environment to recognize irregular patterns that may indicate malicious activity.

Within this model, which activity is responsible for this responsibility?

Options:
A.

Predict

B.

Protect

C.

Respond

D.

Detect

ECCouncil 312-50v13 Premium Access
Questions 107

A penetration tester performs a vulnerability scan on a company’s web server and identifies several medium-risk vulnerabilities related to misconfigured settings. What should the tester do to verify the vulnerabilities?

Options:
A.

Use publicly available tools to exploit the vulnerabilities and confirm their impact

B.

Ignore the vulnerabilities since they are medium-risk

C.

Perform a brute-force attack on the web server ' s login page

D.

Conduct a denial-of-service (DoS) attack to test the server ' s resilience

Questions 108

A penetration tester completes a vulnerability scan showing multiple low-risk findings and one high-risk vulnerability tied to outdated server software. What should the tester prioritize as the next step?

Options:
A.

Perform a brute-force attack on the server to gain access

B.

Ignore the high-risk vulnerability and proceed with testing other systems

C.

Focus on exploiting the low-risk vulnerabilities first

D.

Verify if the high-risk vulnerability is exploitable by checking for known exploits

Questions 109

A penetration tester needs to map open ports on a target network without triggering the organization’s intrusion detection systems (IDS), which are configured to detect standard scanning patterns and abnormal traffic volumes. To achieve this, the tester decides to use a method that leverages a third-party host to obscure the origin of the scan. Which scanning technique should be employed to accomplish this stealthily?

Options:
A.

Conduct a TCP FIN scan with randomized port sequences

B.

Perform a TCP SYN scan using slow-timing options

C.

Execute a UDP scan with packet fragmentation

D.

Use an Idle scan by exploiting a " zombie " host

Questions 110

While evaluating a smart card implementation, a security analyst observes that an attacker is measuring fluctuations in power consumption and timing variations during encryption operations on the chip. The attacker uses this information to infer secret keys used within the device. What type of exploitation is being carried out?

Options:
A.

Disrupt control flow to modify instructions

B.

Observe hardware signals to deduce secrets

C.

Crack hashes using statistical collisions

D.

Force session resets through input flooding

Questions 111

You are a security analyst conducting a footprinting exercise for a new client to gather information without direct interaction. After using search engines and public databases, you consider using Google Hacking (Google Dorking) techniques to uncover further vulnerabilities. Which option best justifies this decision?

Options:
A.

Google Hacking can help locate phishing websites that mimic the client’s website.

B.

Google Hacking can help discover hidden organizational data from the Deep Web.

C.

Google Hacking can help identify weaknesses in the client’s website code.

D.

Google Hacking can assist in mapping the client’s internal network structure.

Questions 112

During a red team exercise, a Certified Ethical Hacker (CEH) is attempting to exploit a potential vulnerability in a target organization’s web server. The CEH has completed the information gathering and footprinting phases and has mirrored the website for offline analysis. It has also been discovered that the server is vulnerable to session hijacking. Which of the following steps is most likely to be part of a successful attack methodology while minimizing the possibility of detection?

Options:
A.

Hijack an active session and immediately modify server configuration files.

B.

Attempt SQL injection to extract sensitive database information.

C.

Perform vulnerability scanning using automated tools to identify additional weaknesses.

D.

Launch a direct brute-force attack to crack the server’s administrative password.

Questions 113

During a penetration test at Sunshine Media ' s streaming platform in Miami, ethical hacker Sofia Alvarez examines whether the company ' s web server exposes sensitive resources through poor configuration. She finds that a crawler directive at the server ' s root allows unintended indexing of restricted areas. This oversight reveals internal paths that may expose hidden links, confidential files, or other sensitive information.

Which technique is Sofia most likely using in this assessment?

Options:
A.

Vulnerability Scanning

B.

Information Gathering from robots.txt File

C.

Web Server Footprinting/Banner Grabbing

D.

Directory Brute Forcing

Questions 114

You are an ethical hacker at HarborLine Assessments, engaged to audit the Wi-Fi at Portside Freight in Tacoma, Washington. During an overnight reconnaissance, you enable your wireless interface’s monitor mode and run a command that silently records beacon frames, probe responses, and authentication frames from nearby APs and clients into a capture file for later offline analysis—you do not transmit any frames from your laptop. Based on the described activity, which Wi-Fi security auditing tool are you most likely using?

Options:
A.

Aireplay-ng

B.

Aircrack-ng

C.

Airbase-ng

D.

Airodump-ng

Questions 115

A biotech research firm in Boston, Massachusetts, migrates its laboratory management platform to the cloud. The vendor provides an environment where developers can deploy and test custom applications without managing the underlying servers, operating systems, or storage. The firm controls the application logic but not the runtime infrastructure.

Which cloud service model is the company using?

Options:
A.

Infrastructure as a Service (IaaS)

B.

Platform as a Service (PaaS)

C.

Software as a Service (SaaS)

D.

Anything as a Service (XaaS)

Questions 116

While reviewing exposed infrastructure for a logistics company in Denver, Joe, a security analyst, identifies that one host is synchronizing time using UDP port 123. Probing further, he issues queries to extract details about peers, offsets, and delays. This allows him to gather internal hostnames and client IP addresses connected to the time server. Such information leakage could provide insight into the company ' s internal network structure.

Which technique was most likely used to obtain this information?

Options:
A.

DNS Zone Transfer Enumeration

B.

NTP Enumeration

C.

VoIP Enumeration

D.

NetBIOS Enumeration

Questions 117

A regional logistics provider in Charlotte, North Carolina operates its shipment tracking and partner API services on an Apache web platform configured to support a modern multiplexed communication protocol to improve efficiency under concurrent load. During a controlled stress assessment, testers simulate sustained client activity that repeatedly initiates and completes numerous lightweight exchanges over persistent connections.

Over time, system monitoring reveals that memory utilization steadily increases despite stable request volume and no proportional rise in active sessions. Even after the simulated clients disconnect normally, resource usage does not return to baseline levels. After several cycles, the service becomes sluggish and must be restarted to restore normal responsiveness. No unusual disk activity or database errors are observed during the test window.

The behavior is only present when the multiplexed protocol mode is enabled; reverting to legacy handling eliminates the issue.

Which Apache vulnerability best explains this behavior?

Options:
A.

DoS in HTTP/2 with Initial Window Size 0

B.

HTTP/2 Stream Memory Not Reclaimed on RST

C.

Insecure Default Configuration

D.

mod_macro Buffer Over-read

Questions 118

Which of the following tools can be used for passive OS fingerprinting?

Options:
A.

nmap

B.

ping

C.

tcpdump

D.

tracert

Questions 119

In Austin, Texas, ethical hacker Liam Carter is hired by Lone Star Healthcare to probe the defenses of their patient data network. During his penetration test, Liam aims to bypass the hospital’s firewall protecting a medical records server. To do so, he uses a tool to craft custom network packets, carefully designing their headers to slip past the firewall’s filtering rules. His goal is to demonstrate how an attacker could infiltrate the system, exposing vulnerabilities for the security team to address.

Which tool is Liam using to bypass Lone Star Healthcare’s firewall during his penetration test?

Options:
A.

Metasploit

B.

Colasoft Packet Builder

C.

Nmap

D.

Traffic IQ Professional

Questions 120

At Liberty Mutual ' s cybersecurity operations center in Boston, network engineer Marcus is troubleshooting a critical issue during peak transaction hours. Multiple VLANs are experiencing intermittent access delays, and several endpoints including those on isolated VLANs are receiving network traffic not intended for them, raising concerns about data exposure. Marcus notices that the issue began after a newly imaged workstation used by an intern named Lisa was connected to a trunk port in the server room. Switch logs indicate abnormal traffic patterns overwhelming the network.

Which sniffing technique is Lisa ' s workstation most likely using to cause this behavior?

Options:
A.

DNS Cache Poisoning

B.

ARP Poisoning

C.

MAC Flooding

D.

Switch Port Stealing