EC-CouncilEC-Council
312-50V12 · Question #22
312-50V12 Question #22: Real Exam Question with Answer & Explanation
The correct answer is B: DROWN attack. DROWN attack: Decrypting SSL/TLS communications through SSLv2 vulnerability.
Submitted by khalil_dz· Mar 4, 2026Cryptography
Question
Samuel, a security administrator, is assessing the configuration of a web server. He noticed that the server permits SSLv2 connections, and the same private key certificate is used on a different server that allows SSLv2 connections. This vulnerability makes the web server vulnerable to attacks as the SSLv2 server can leak key information. Which of the following attacks can be performed by exploiting the above vulnerability?
Options
- APadding oracle attack
- BDROWN attack
- CDUHK attack
- DSide-channel attack
Explanation
DROWN attack: Decrypting SSL/TLS communications through SSLv2 vulnerability.
Topics
#SSLv2 vulnerability#DROWN attack#private key leakage
Community Discussion
No community discussion yet for this question.