Browse Exams Pricing

Exams312-50V12Questions

312-50V12 Exam Questions

322 real 312-50V12 exam questions with expert-verified answers and explanations. Page 3 of 7.

Question #101Reconnaissance Techniques
In an attempt to damage the reputation of a competitor organization, Hailey, a professional hacker, gathers a list of employee and client email addresses and other related informat...
Information gatheringWordlist generationBrute-force attackCeWL
Question #102Cryptography
Sam, a web developer, was instructed to incorporate a hybrid encryption software program into a web application to secure email messages. Sam used an encryption software, which is...
Hybrid encryptionOpenPGPGPGEmail security
Question #103Cryptography
In this form of encryption algorithm, every individual block contains 64-bit data, and three keys are used, where each key consists of 56 bits. Which is this encryption algorithm?
Symmetric encryption3DESBlock cipherCryptography algorithms
Question #104Web Application Hacking
John is investigating web-application firewall logs and observers that someone is attempting to inject the following: What type of attack is this?
Buffer overflowWeb application attacksWAF logsAttack identification
Question #105Network and Perimeter Hacking
John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detec...
Advanced Persistent Threat (APT)Network SecurityData ExfiltrationStealth Operations
Question #106Reconnaissance Techniques
You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade...
NmapPort scanningIDS evasionNetwork reconnaissanceStealth scanning
Question #107Wireless Network, Mobile, IoT, and OT Hacking
This wireless security protocol allows 192-bit minimum-strength security protocols and cryptographic tools to protect sensitive data, such as GCMP-256, HMAC-SHA384, and ECDSA using...
Wireless securityWPA3-EnterpriseCryptographyAuthentication protocols
Question #108Web Application Hacking
What are common files on a web server that can be misconfigured and provide useful information for a hacker such as verbose error messages?
Web server misconfigurationVerbose error messagesphp.iniInformation leakage
Question #109Reconnaissance Techniques
Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the at...
DNS footprintingDNS reconnaissanceInformation gathering toolsBluto
Question #110Web Application Hacking
Which of the following types of SQL injection attacks extends the results returned by the original query, enabling attackers to run two or more statements if they have the same str...
SQL injectionUnion SQL injectionWeb application attacksData exfiltration
Question #111System Hacking Phases and Attack Techniques
Tony is a penetration tester tasked with performing a penetration test. After gaining initial access to a target system, he finds a list of hashed passwords. Which of the following...
Password crackingHashed passwordsJohn the RipperHashcatNetcat
Question #112Reconnaissance Techniques
Which of the following Google advanced search operators helps an attacker in gathering information about websites that are similar to a specified target URL?
Google dorkingOSINTInformation gatheringReconnaissance techniques
Question #113Information Security and Ethical Hacking Overview
You are a penetration tester working to test the user awareness of the employees of the client XYZ. You harvested two employees' emails from some public sources and are creating a...
Cyber Kill Chainweaponizationclient-side attacksocial engineering
Question #114Reconnaissance Techniques
While performing an Nmap scan against a host, Paola determines the existence of a firewall. In an attempt to determine whether the firewall is stateful or stateless, which of the f...
Nmapfirewall detectionstateful firewallstateless firewall
Question #115System Hacking Phases and Attack Techniques
A newly joined employee, Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator....
vulnerability assessmenthost-based assessmentsystem hardeningconfiguration review
Question #116Web Application Hacking
Jane, an ethical hacker, is testing a target organization's web server and website to identify security loopholes. In this process, she copied the entire website and its content on...
website mirroringweb reconnaissanceinformation gatheringweb application mapping
Question #117System Hacking Phases and Attack Techniques
Which among the following is the best example of the hacking concept called "clearing tracks"?
Clearing tracksPost-exploitationAnti-forensicsSystem hacking
Question #118Cloud Computing
Upon establishing his new startup, Tom hired a cloud service provider (CSP) but was dissatisfied with their service and wanted to move to another CSP. What part of the contract mig...
cloud vendor lock-incloud contractscloud service provider
Question #119Cloud Computing
Alex, a cloud security engineer working in Eyecloud Inc. is tasked with isolating applications from the underlying infrastructure and stimulating communication via well-defined cha...
containerizationDockerPaaSapplication isolation
Question #120Network and Perimeter Hacking
Which type of attack attempts to overflow the content-addressable memory (CAM) table in an Ethernet switch?
MAC floodingCAM tableEthernet switchnetwork attack
Question #121System Hacking Phases and Attack Techniques
An organization is performing a vulnerability assessment for mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on th...
vulnerability assessmentinference-based assessmentservice-based scanningport scanning
Question #122Reconnaissance Techniques
Taylor, a security professional, uses a tool to monitor her company's website, analyze the website's traffic, and track the geographical location of the users visiting the company'...
web analyticswebsite monitoringtraffic analysisgeo-location tracking
Question #123Reconnaissance Techniques
Becky has been hired by a client from Dubai to perform a penetration test against one of their remote offices. Working from her location in Columbus, Ohio, Becky runs her usual rec...
WhoisRIRIP address lookupreconnaissance
Question #124System Hacking Phases and Attack Techniques
Harry, a professional hacker, targets the IT infrastructure of an organization. After preparing for the attack, he attempts to enter the target network using techniques such as sen...
APT lifecycleInitial intrusionGaining accessVulnerability exploitation
Question #125Network and Perimeter Hacking
Robin, a professional hacker, targeted an organization's network to sniff all the traffic. During this process, Robin plugged in a rogue switch to an unused port in the LAN with a...
STP attackSpanning Tree Protocolrogue switchnetwork sniffing
Question #126Wireless Network, Mobile, IoT, and OT Hacking
An attacker utilizes a Wi-Fi Pineapple to run an access point with a legitimate-looking SSID for a nearby business in order to capture the wireless password. What kind of attack is...
Evil-twin attackWi-Fi Pineapplewireless hackingrogue access point
Question #127Web Application Hacking
CyberTech Inc. recently experienced SQL injection attacks on its official website. The company appointed Bob, a security professional, to build and incorporate defensive strategies...
SQL injection preventionwhitelist validationinput validationweb application security
Question #128Cloud Computing
Joe works as an IT administrator in an organization and has recently set up a cloud computing service for the organization. To implement this service, he reached out to a telecom c...
NIST cloud architecturecloud carriercloud service providernetwork connectivity
Question #129Wireless Network, Mobile, IoT, and OT Hacking
Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints t...
aLTEr attackman-in-the-middlecellular network hackingfake base station
Question #130Reconnaissance Techniques
John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the LDAP service f...
LDAP enumerationJXplorerinformation gatheringdirectory services
Question #131Cloud Computing
Your organization has signed an agreement with a web hosting provider that requires you to take full responsibility of the maintenance of the cloud-based resources. Which of the fo...
IaaScloud service modelsshared responsibilitycloud infrastructure
Question #132Reconnaissance Techniques
Richard, an attacker, targets an MNC In this process, he uses a footprinting technique to gather as much information as possible. Using this technique, he gathers domain informatio...
Whois footprintingdomain informationreconnaissancesocial engineering
Question #133Web Application Hacking
This type of injection attack does not show any error message. It is difficult to exploit as it returns information when the application is given SQL payloads that elicit a true or...
SQL InjectionBlind SQL InjectionWeb Application SecurityInjection Attacks
Question #134System Hacking Phases and Attack Techniques
Which rootkit is characterized by its function of adding code and/or replacing some of the operating- system kernel code to obscure a backdoor on a system?
RootkitsKernel-level rootkitSystem HackingBackdoors
Question #135Information Security and Ethical Hacking Overview
Mr. Omkar performed tool-based vulnerability assessment and found two vulnerabilities. During analysis, he found that these issues are not true vulnerabilities. What will you call...
Vulnerability AssessmentFalse PositivesSecurity Testing TerminologyAssessment Results
Question #136Wireless Network, Mobile, IoT, and OT Hacking
An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption. The attacker installed a rogue access point with only WPA2 compatibility i...
downgrade attackWPA2 crackingwireless securityrogue access point
Question #137Reconnaissance Techniques
A penetration tester is performing the footprinting process and is reviewing publicly available information about an organization by using the Google search engine. Which of the fo...
FootprintingGoogle DorkingSearch OperatorsReconnaissance
Question #138Cloud Computing
Annie, a cloud security engineer, uses the Docker architecture to employ a client/server model in the application she is working on. She utilizes a component that can process API r...
Docker architectureDocker daemoncontainerizationAPI requests
Question #139Wireless Network, Mobile, IoT, and OT Hacking
Bob, an attacker, has managed to access a target IoT device. He employed an online tool to gather information related to the model of the IoT device and the certifications granted...
IoT device reconnaissanceFCC ID search tool
Question #140Cryptography
What piece of hardware on a computer's motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possibl...
TPMhardware security moduledisk encryptionkey management
Question #141Web Application Hacking
Gilbert, a web developer, uses a centralized web API to reduce complexity and increase the integrity of updating and changing data. For this purpose, he uses a web service that use...
RESTful APIHTTP methodsweb services
Question #142System Hacking Phases and Attack Techniques
To create a botnet, the attacker can use several techniques to scan vulnerable machines. The attacker first collects information about a large number of vulnerable machines to crea...
Botnet creationhit-list scanningvulnerability scanning
Question #143Information Security and Ethical Hacking Overview
Nicolas just found a vulnerability on a public-facing system that is considered a zero-day vulnerability. He sent an email to the owner of the public system describing the problem...
White hat hackervulnerability disclosurezero-day vulnerability
Question #144Cloud Computing
You are a cybersecurity specialist at CloudTech Inc., a company providing cloud-based services. You are managing a project for a client who wants to migrate their sensitive data to...
Cloud data encryptionclient-side encryptionencryption key managementdata at rest
Question #145System Hacking Phases and Attack Techniques
In an advanced persistent threat scenario, an adversary follows a detailed set of procedures in the cyber kill chain. During one such instance, the adversary has successfully gaine...
APTcyber kill chaincommand and control (C2)DNS tunneling
Question #146Reconnaissance Techniques
As a part of an ethical hacking exercise, an attacker is probing a target network that is suspected to employ various honeypot systems for security. The attacker needs to detect an...
Honeypot detectionnetwork probingbrute force attackevasion techniques
Question #147Reconnaissance Techniques
A skilled ethical hacker was assigned to perform a thorough OS discovery on a potential target. They decided to adopt an advanced fingerprinting technique and sent a TCP packet to...
OS fingerprintingTCP flagsnetwork scanningECN-Echo
Question #148Web Application Hacking
In an intricate web application architecture using an Oracle database, you, as a security analyst, have identified a potential SQL Injection attack surface. The database consists o...
SQL Injectiondata exfiltrationdatabase hackingUNION SELECT
Question #149Network and Perimeter Hacking
A large enterprise has been experiencing sporadic system crashes and instability, resulting in limited access to its web services. The security team suspects it could be a result o...
Denial of Service (DoS)Ping of Deathoversized packetsnetwork attacks
Question #150Information Security and Ethical Hacking Overview
Your company has been receiving regular alerts from its IDS about potential intrusions. On further investigation, you notice that these alerts have been false positives triggered b...
Intrusion Detection System (IDS)YARA rulesfalse positivesthreat detection

PreviousPage 3 of 7Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.