Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free ECCouncil 312-50v13 Practice Exam with Questions & Answers | Set: 9

Questions 121

During a cybersecurity awareness drill at Quantum Analytics in San Francisco, California, the ethical hacking team tests the company’s defenses against social media-based threats. Nadia creates a fake LinkedIn profile posing as a senior HR manager from Quantum Analytics, using a stolen company logo and publicly available employee details. Nadia sends connection requests to several employees, including data analyst Priya Sharma, inviting them to join a private group called Quantum Analytics Innovation Hub. The group’s page prompts members to share their work email and department role for exclusive project updates.

What social engineering threat to corporate networks is Nadia’s exercise primarily simulating?

Options:
A.

Loss of Productivity

B.

Involuntary Data Leakage

C.

Spam and Phishing

D.

Network Vulnerability Exploitation

ECCouncil 312-50v13 Premium Access
Questions 122

Under the neon glow of Seattle ' s skyline, ethical hacker Elena Vasquez slips into her role as a cybersecurity consultant for Cascade Financial ' s online banking platform. Tasked with probing the web server ' s defenses, Elena simulates a series of rapid login attempts to the admin portal. She notes that the system allows unlimited tries without locking the account, exposing a gap that could invite relentless password-guessing attacks. Determined to safeguard the bank ' s assets, Elena drafts a recommendation to fortify the server ' s authentication process against such threats.

What countermeasure should Elena recommend to strengthen Cascade Financial ' s web server against the vulnerability identified?

Options:
A.

Implement 2FA or MFA

B.

Force users to periodically change passwords

C.

Use CAPTCHA challenges on login and registration pages

D.

Use strong, one-way hashing algorithms such as bcrypt, scrypt, or Argon2

Questions 123

During a forensic investigation of an attack on a media company in New York, analysts discovered that a non-privileged process loaded a malicious library instead of the intended library because the attacker placed the rogue file in a directory Windows searched before the legitimate location. When the trusted application started, the attacker’s code executed with the application’s privileges. No registry changes or kernel exploits were involved. Which technique most likely enabled the privilege escalation?

Options:
A.

Privilege Escalation by Exploiting Vulnerabilities

B.

Privilege Escalation Using DLL Hijacking

C.

Access Token Manipulation

D.

Privilege Escalation by Bypassing User Account Control

Questions 124

In an ethical hacking methodology and framework, which of the following step is known for “active and passive information gathering”?

Options:
A.

Obfuscation

B.

Exploitation

C.

Reconnaissance

D.

Denial of service

Questions 125

Which technique is least useful during passive reconnaissance?

Options:
A.

WHOIS lookup

B.

Search engines

C.

Social media monitoring

D.

Nmap scanning

Questions 126

During a black-box internal penetration test, a security analyst identifies an SNMPv2-enabled Linux server using the default community string “public.” The analyst wants to enumerate running processes. Which Nmap command retrieves this information?

Options:
A.

nmap -sU -p 161 --script snmp-sysdescr

B.

nmap -sU -p 161 --script snmp-win32-services

C.

nmap -sU -p 161 --script snmp-processes

D.

nmap -sU -p 161 --script snmp-interfaces

Questions 127

Justin Fletcher is conducting an authorized assessment for EverSafe Technologies in Las Vegas. During the active reconnaissance phase, he interacts directly with the organization ' s infrastructure to retrieve structural details about how its public-facing systems are logically organized. His activity generates entries within the target environment ' s monitoring systems. Which type of active footprinting technique is Justin performing?

Options:
A.

Network/port scanning

B.

DNS interrogation

C.

Social engineering

D.

User and service enumeration

Questions 128

Attackers abused Android Debug Bridge (ADB) to issue unauthorized commands. What is the strongest countermeasure?

Options:
A.

Enforce VPN usage

B.

Adopt biometric authentication

C.

Disable ADB except in strictly controlled environments

D.

Frequently update MDM systems

Questions 129

At Bayview University in San Francisco, California, ethical hacker Sofia Patel is evaluating security controls on Android 11 tablets used by staff. To simulate an attack, she installs KingoRoot.apk directly on one of the devices. The application leverages system vulnerabilities to elevate privileges without requiring a computer connection. Based on the module, which feature of this rooting approach makes the attack effective?

Options:
A.

It uses a tethered jailbreak to restart the device with patched kernel functions

B.

It is an APK that can run directly on the device without a PC

C.

It relies on weak SSL validation to bypass application controls

D.

It exploits Bluetooth pairing flaws to gain device-level privileges

Questions 130

Working as an Information Security Analyst at a technology firm, you are designing training material for employees about the dangers of session hijacking. As part of the training, you want to explain how attackers could use sidejacking to compromise user accounts. Which of the following scenarios most accurately describes a sidejacking attack?

Options:
A.

An attacker exploits a vulnerability in the company’s network firewall to gain unauthorized access to internal systems.

B.

An attacker intercepts network traffic, captures unencrypted session cookies, and uses them to impersonate the user.

C.

An attacker uses social engineering techniques to trick an employee into revealing their password.

D.

An attacker convinces an employee to visit a malicious website that injects a harmful script into their browser.

Questions 131

A financial clearinghouse in Newark, New Jersey, initiated a structured vulnerability review across its enterprise servers. The scanning platform was configured to collect detailed information about installed updates, local security configurations, and system policy settings on each target machine. The resulting report contained granular host-level findings, including configuration inconsistencies and patch gaps that required direct system-level inspection to obtain. Based on the activity described, what type of vulnerability scanning is being performed?

Options:
A.

Automated Scanning

B.

Non-Credentialed Scanning

C.

Application Scanning

D.

Credentialed Scanning

Questions 132

What is the most plausible attack vector an APT group would use to compromise an IoT-based environmental control system?

Options:
A.

Exploiting zero-day firmware vulnerabilities

B.

Using stolen user credentials

C.

Encrypted MitM attack

D.

DDoS attack

Questions 133

During a strategic security briefing at Meridian Global Analytics in Washington, D.C., executives review a series of coordinated activities targeting national infrastructure. These activities include manipulating digital media to influence public perception, disrupting communication networks, and degrading critical systems to weaken institutional stability without direct conventional military engagement.

What form of conflict best describes this type of coordinated activity?

Options:
A.

Cyber Espionage

B.

Information Warfare

C.

Hacktivism

D.

Cyberterrorism

Questions 134

You are an ethical hacker at SecureNet Solutions, conducting a penetration test for BlueRidge Manufacturing in Denver, Colorado. While auditing their wireless network, you observe that the access point uses a security protocol that employs the RC4 algorithm with a 24-bit initialization vector IV to encrypt data between network clients. Based on the observed encryption characteristics, which wireless encryption protocol is the access point using?

Options:
A.

WPA

B.

WPA2

C.

WEP

D.

WPA3

Questions 135

At a digital marketing firm in Atlanta, Georgia, employees began reporting that access to a widely used cloud collaboration portal was intermittently redirecting them to a counterfeit interface hosted on an unfamiliar IP address. Security engineers observed that when multiple users across different departments attempted to access the legitimate domain, they consistently received the same incorrect IP resolution. The anomalous behavior persisted across sessions and affected numerous internal clients until the organization ' s name resolution service was restarted, after which normal resolution resumed. What DNS manipulation technique best explains this scenario?

Options:
A.

Performing Intranet DNS Spoofing within the local network

B.

Injecting malicious records through DNS Cache Poisoning

C.

Executing Proxy Server DNS Poisoning to alter resolution paths

D.

Conducting Internet DNS Spoofing from a remote network