312-50V12 Exam Questions
322 real 312-50V12 exam questions with expert-verified answers and explanations. Page 7 of 7.
- Question #303Web Application Hacking
Calvin, a software developer, uses a feature that helps him auto-generate the content of a web page without manual involvement and is integrated with SSI directives. This leads to...
Server-Side Includes (SSI)injection attacksweb application vulnerabilitiesinput validation - Question #304Web Application Hacking
Jack, a professional hacker, targets an organization and performs vulnerability scanning on the target web server to identify any possible weaknesses, vulnerabilities, and misconfi...
vulnerability scanningweb security toolsNetsparkerweb server security - Question #305System Hacking Phases and Attack Techniques
Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target...
spear-phishingsocial engineeringmalware deliveryICS security - Question #306Reconnaissance Techniques
In an attempt to damage the reputation of a competitor organization, Hailey, a professional hacker, gathers a list of employee and client email addresses and other related informat...
wordlist generationCeWLbrute-force attacksreconnaissance tools - Question #307Network and Perimeter Hacking
Miley, a professional hacker, decided to attack a target organization's network. To perform the attack, she used a tool to send fake ARP messages over the target network to link he...
ARP spoofingMan-in-the-Middle (MITM)BetterCAPnetwork attacks - Question #309Cryptography
Kevin, an encryption specialist, implemented a technique that enhances the security of keys used for encryption and authentication. Using this technique, Kevin input an initial key...
key stretchingcryptographic keysbrute-force resistancekey derivation function - Question #310Wireless Network, Mobile, IoT, and OT Hacking
Jake, a professional hacker, installed spyware on a target iPhone to spy on the target user's activities. He can take complete control of the target mobile device by jailbreaking t...
mobile hackingiOS securityspywarejailbreaking - Question #311Wireless Network, Mobile, IoT, and OT Hacking
Robert, a professional hacker, is attempting to execute a fault injection attack on a target IoT device. In this process, he injects faults into the power supply that can be used f...
fault injectionIoT securitypower glitchingclock glitching - Question #312Wireless Network, Mobile, IoT, and OT Hacking
Kate dropped her phone and subsequently encountered an issue with the phone's internal speaker. Thus, she is using the phone's loudspeaker for phone calls and other activities. Bob...
mobile hackingacoustic side-channel attackSpearphone attackprivacy breach - Question #313Reconnaissance Techniques
Dayn, an attacker, wanted to detect if any honeypots are installed in a target network. For this purpose, he used a time-based TCP fingerprinting method to validate the response to...
honeypot detectionTCP fingerprintingHoneydevasion techniques - Question #314Wireless Network, Mobile, IoT, and OT Hacking
Morris, an attacker, wanted to check whether the target AP is in a locked state. He attempted using different utilities to identify WPS-enabled APs in the target wireless network....
WPSwireless securitywashAP enumeration - Question #315Cryptography
BitLocker encryption has been implemented for all the Windows-based computers in an organization. You are concerned that someone might lose their cryptographic key. Therefore, a me...
key escrowBitLockercryptographic key managementActive Directory - Question #316Information Security and Ethical Hacking Overview
A post-breach forensic investigation revealed that a known vulnerability in Apache Struts was to blame for the Equifax data breach that affected 143 million customers. A fix was av...
patch managementvulnerability managementEquifax breachsecurity processes - Question #317System Hacking Phases and Attack Techniques
Which type of malware spreads from one system to another or from one network to another and causes similar types of damage as viruses do to the infected system?
malwarewormvirusnetwork propagation - Question #318Reconnaissance Techniques
Which is the first step followed by Vulnerability Scanners for scanning a network?
vulnerability scanninghost discoverynetwork scanning phasesreconnaissance - Question #319Network and Perimeter Hacking
Which Nmap switch helps evade IDS or firewalls?
NmapIDS evasionfirewall evasiondecoy scan - Question #320Web Application Hacking
A "Server-Side Includes" attack refers to the exploitation of a web application by injecting scripts in HTML pages or executing arbitrary code remotely. Which web-page file type, i...
Server-Side Includes (SSI)injection attacksweb application vulnerabilities.stm file - Question #321Cryptography
Harper, a software engineer, is developing an email application. To ensure the confidentiality of email messages, Harper uses a symmetric-key block cipher having a classical 12- or...
symmetric encryptionblock cipherCAST-128Feistel network - Question #322Web Application Hacking
Ron, a security professional, was pen testing web applications and SaaS platforms used by his company. While testing, he found a vulnerability that allows hackers to gain unauthori...
API securityauthorization bypassABACweb application vulnerabilities - Question #323Reconnaissance Techniques
Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information abou...
dark webfootprintinganonymityreconnaissance techniques - Question #324Cloud Computing
Thomas, a cloud security professional, is performing security assessment on cloud services to identify any loopholes. He detects a vulnerability in a bare-metal cloud server that c...
cloud securityfirmware compromisebare-metal serversCloudborne attack - Question #325Information Security and Ethical Hacking Overview
Which of the following tactics uses malicious code to redirect users' web traffic?
pharmingweb traffic redirectionsocial engineering