312-50V12 Exam Questions
322 real 312-50V12 exam questions with expert-verified answers and explanations. Page 2 of 7.
- Question #51Cloud Computing
Eric, a cloud security engineer, implements a technique for securing the cloud resources used by his organization. This technique assumes by default that a user attempting to acces...
Cloud securityZero TrustNetwork securityAccess control - Question #52Wireless Network, Mobile, IoT, and OT Hacking
You are a penetration tester tasked with testing the wireless network of your client Brakeme SA. You are attempting to break into the wireless network with the SSID "Brakeme-Intern...
Wireless securityWPA3DragonbloodWireless hacking - Question #53Information Security and Ethical Hacking Overview
What is the common name for a vulnerability disclosure program opened by companies in platforms such as HackerOne?
Ethical hackingVulnerability disclosureBug bountySecurity programs - Question #54Web Application Hacking
A DDoS attack is performed at layer 7 to take down web infrastructure. Partial HTTP requests are sent to the web infrastructure or applications. Upon receiving a partial request, t...
DDoSLayer 7 attackWeb application attackSlowloris - Question #55Reconnaissance Techniques
Andrew is an Ethical Hacker who was assigned the task of discovering all the active devices hidden by a restrictive firewall in the IPv4 range in a given target network. Which of t...
Host DiscoveryARP ScanFirewall EvasionNetwork Reconnaissance - Question #56Cloud Computing
Abel, a cloud architect, uses container technology to deploy applications/software including all its dependencies, such as libraries and configuration files, binaries, and other re...
Cloud securityContainerizationContainer lifecycleImage security - Question #57Reconnaissance Techniques
Henry is a cyber security specialist hired by BlackEye - Cyber Security Solutions. He was tasked with discovering the operating system (OS) of a host. He used the Unicornscan tool...
OS fingerprintingReconnaissanceNetwork scanningTTL values - Question #58Web Application Hacking
Daniel is a professional hacker who is attempting to perform an SQL injection attack on a target injection attempts based on predefined signatures. To evade any comparison statemen...
SQL injectionEvasion techniquesWeb application securityWAF evasion - Question #59Web Application Hacking
SQL injection (SQLi) attacks attempt to inject SQL syntax into web requests, which may bypass authentication and allow attackers to access and/or modify data attached to a web appl...
SQL injectionOut-of-band SQLiDNS exfiltrationWeb application hacking - Question #60Wireless Network, Mobile, IoT, and OT Hacking
Attacker Rony installed a rogue access point within an organization's perimeter and attempted to intrude into its internal network. Johnson, a security auditor, identified some unu...
Wireless securityRogue access pointVulnerability assessmentNetwork auditing - Question #61Wireless Network, Mobile, IoT, and OT Hacking
In this attack, an adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the vict...
KRACKKey Reinstallation AttackWPA2Wireless Security - Question #62Network and Perimeter Hacking
After an audit, the auditors inform you that there is a critical finding that you must tackle immediately. You read the audit report, and the problem is the service running on port...
LDAPLDAPSPort 389Secure protocols - Question #63Wireless Network, Mobile, IoT, and OT Hacking
Mike, a security engineer, was recently hired by BigFox Ltd. The company recently experienced disastrous DoS attacks. The management had instructed Mike to build defensive strategi...
DoS/DDoS countermeasuresJamming attacksCognitive radiosPhysical layer security - Question #64Network and Perimeter Hacking
You are using a public Wi-Fi network inside a coffee shop. Before surfing the web, you use your VPN to prevent intruders from sniffing your traffic. If you did not have a VPN, how...
ARP spoofing detectionARP tableMan-in-the-middle attacksNetwork forensics - Question #65Wireless Network, Mobile, IoT, and OT Hacking
Lewis, a professional hacker, targeted the IoT cameras and devices used by a target venture- capital firm. He used an information-gathering tool to collect information about the Io...
Information GatheringOSINTIoT Hacking ToolsCensys - Question #66Reconnaissance Techniques
Techno Security Inc. recently hired John as a penetration tester. He was tasked with identifying open ports in the target network and determining whether the ports are online and a...
NmapTCP SYN scanPort scanningNetwork reconnaissance - Question #67System Hacking Phases and Attack Techniques
Ricardo has discovered the username for an application in his target's environment. As he has a limited amount of time, he decides to attempt to use a list of common passwords he f...
Password crackingDictionary attackAuthentication attack - Question #68Web Application Hacking
What would be the fastest way to perform content enumeration on a given web server by using the Gobuster tool?
Web content enumerationGobusterWordlist attacksDirectory bruteforcing - Question #69Information Security and Ethical Hacking Overview
When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's Computer to update the router confi...
IDS alertsFalse positiveTrue positiveSecurity monitoring - Question #70Network and Perimeter Hacking
Garry is a network administrator in an organization. He uses SNMP to manage networked devices from a remote location. To manage nodes in the network, he uses MIB, which contains fo...
SNMPMIBNetwork managementLNMIB2.MIB - Question #71Reconnaissance Techniques
Emily, an extrovert obsessed with social media, posts a large amount of private information, photographs, and location tags of recently visited places. Realizing this, James, a pro...
OSINTSocial media intelligenceGeolocationHootsuite - Question #72Cryptography
Alice needs to send a confidential document to her coworker, Bryan. Their company has public key infrastructure set up. Therefore, Alice both encrypts the message and digitally sig...
Asymmetric CryptographyPublic Key Infrastructure (PKI)EncryptionDigital Signatures - Question #73Wireless Network, Mobile, IoT, and OT Hacking
What is the file that determines the basic configuration (specifically activities, services, broadcast receivers, etc.) in an Android application?
Android securityMobile application analysisAndroidManifest - Question #74System Hacking Phases and Attack Techniques
Mason, a professional hacker, targets an organization and spreads Emotet malware through malicious script. After infecting the victim's device, Mason further used Emotet to spread...
EmotetMalwareCredential enumerationNetwork shares - Question #75Wireless Network, Mobile, IoT, and OT Hacking
Which of the following Bluetooth hacking techniques refers to the theft of information from a wireless device through Bluetooth?
Bluetooth HackingWireless SecurityBluesnarfing - Question #76Reconnaissance Techniques
While browsing his Facebook feed, Matt sees a picture one of his friends posted with the caption, "Learn more about your friends!", as well as a number of personal questions. Matt...
Social engineeringSecurity questionsAccount compromiseInformation gathering - Question #77System Hacking Phases and Attack Techniques
Attacker Simon targeted the communication network of an organization and disabled the security controls of NetNTLMv1 by modifying the values of LMCompatibilityLevel, NTLMMinClientS...
NTLMv1 attacksPrivilege escalationToken impersonationInternal Monologue attack - Question #78Reconnaissance Techniques
Steve, an attacker, created a fake profile on a social media website and sent a request to Stella. Stella was enthralled by Steve's profile picture and the description given for hi...
Social engineeringHoney trapInformation gatheringHuman exploitation - Question #79Reconnaissance Techniques
Hackers often raise the trust level of a phishing message by modeling the email to look similar to the internal email used by the target company. This includes using logos, formatt...
ReconnaissanceInformation gatheringOSINTPhishing preparation - Question #80Information Security and Ethical Hacking Overview
Attacker Lauren has gained the credentials of an organization's internal server system, and she was often logging in during irregular times to monitor the network activities. The o...
Incident responseIncident triageIncident handling phasesSecurity incident analysis - Question #81Information Security and Ethical Hacking Overview
At what stage of the cyber kill chain theory model does data exfiltration occur?
Cyber Kill ChainData exfiltrationActions on objectivesAttack phases - Question #82System Hacking Phases and Attack Techniques
Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming...
Social EngineeringElicitationVishingMalware - Question #83Web Application Hacking
An organization decided to harden its security against web-application and web-server attacks. John, a security personnel in the organization, employed a security scanner to automa...
Web application scannerSyhunt HybridXSSSQL injection - Question #84System Hacking Phases and Attack Techniques
Which of the following Metasploit post-exploitation modules can be used to escalate privileges on Windows systems?
MetasploitPrivilege escalationWindows hackingPost-exploitation modules - Question #85Reconnaissance Techniques
Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port scanning on a target host in the network. While performing the given task...
Port scanningTCP Maimon scanFIN/ACK probesNetwork discovery - Question #86Wireless Network, Mobile, IoT, and OT Hacking
An organization has automated the operation of critical infrastructure from a remote location. For this purpose, all the industrial control systems are connected to the Internet. T...
OT securityIndustrial Control Systems (ICS)Critical infrastructureFlowmon - Question #87Cloud Computing
Heather's company has decided to use a new customer relationship management tool. After performing the appropriate research, they decided to purchase a subscription to a cloud-host...
Cloud computingSaaSCloud service modelsShared responsibility model - Question #88Reconnaissance Techniques
Juliet, a security researcher in an organization, was tasked with checking for the authenticity of images to be used in the organization's magazines. She used these images as a sea...
Reverse Image SearchOSINTFootprintingSource Tracking - Question #89System Hacking Phases and Attack Techniques
Mary, a penetration tester, has found password hashes in a client system she managed to breach. She needs to use these passwords to continue with the test, but she does not have ti...
Pass the hashPost-exploitationLateral movementNTLM hashes - Question #90Reconnaissance Techniques
Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network to identify the active systems, network services, appl...
Vulnerability assessmentPassive reconnaissanceNetwork sniffing - Question #91Information Security and Ethical Hacking Overview
Which of the following protocols can be used to secure an LDAP service against anonymous queries?
LDAP SecurityAuthentication ProtocolsNTLMAccess Control - Question #92Reconnaissance Techniques
During the enumeration phase, Lawrence performs banner grabbing to obtain information such as OS details and versions of services running. The service that he enumerated runs direc...
Banner grabbingService enumerationSMBPort 445 - Question #93Wireless Network, Mobile, IoT, and OT Hacking
Jane invites her friends Alice and John over for a LAN party. Alice and John access Jane's wireless network without a password. However, Jane has a long, complex password on her ro...
Wireless attacksEvil twinRogue access pointWi-Fi security - Question #94Reconnaissance Techniques
Which file is a rich target to discover the structure of a website during web-server footprinting?
Web server footprintingRobots.txtInformation gatheringWebsite structure - Question #95Network and Perimeter Hacking
John, a professional hacker, decided to use DNS to perform data exfiltration on a target network. In this process, he embedded malicious data into the DNS protocol packets that eve...
DNS tunnelingData exfiltrationFirewall bypassC2 communication - Question #96Wireless Network, Mobile, IoT, and OT Hacking
There have been concerns in your network that the wireless network component is not sufficiently secure. You perform a vulnerability scan of the wireless network and find that it i...
Wireless encryptionWEPWireless securityOutdated protocols - Question #97Wireless Network, Mobile, IoT, and OT Hacking
Jacob works as a system administrator in an organization. He wants to extract the source code of a mobile application and disassemble the application to analyze its design flaws. U...
Mobile application securityReverse engineeringVulnerability analysisSource code analysis - Question #98Web Application Hacking
Calvin, a grey-hat hacker, targets a web application that has design flaws in its authentication mechanism. He enumerates usernames from the login form of the web application, whic...
Web application hackingAuthentication flawsVerbose error messagesUsername enumeration - Question #99Reconnaissance Techniques
Henry is a penetration tester who works for XYZ organization. While performing enumeration on a client organization, he queries the DNS server for a specific cached DNS record. Fur...
DNS enumerationDNS cache snoopingInformation gatheringFootprinting - Question #100System Hacking Phases and Attack Techniques
An attacker decided to crack the passwords used by industrial control systems. In this process, he employed a loop strategy to recover these passwords. He used one character at a t...
Side-channel attackTiming attackPassword crackingIndustrial Control Systems (ICS)