nerdexam
EC-Council

312-50V13 · Question #488

A Certified Ethical Hacker (CEH) is given the task to perform an LDAP enumeration on a target system. The system is secured and accepts connections only on secure LDAP. The CEH uses Python for the enu

The correct answer is B. The secure LDAP connection was not properly initialized due to a lack of 'use_ssl = True' in the. Explanation When connecting to secure LDAP (LDAPS), the connection must be explicitly initialized with use_ssl=True in the ldap3 library; without this parameter, the connection defaults to standard (unencrypted) LDAP, meaning the secure server will reject or not respond as expect

Submitted by lucia.co· Mar 6, 2026Enumeration

Question

A Certified Ethical Hacker (CEH) is given the task to perform an LDAP enumeration on a target system. The system is secured and accepts connections only on secure LDAP. The CEH uses Python for the enumeration process. After successfully installing LDAP and establishing a connection with the target, he attempts to fetch details like the domain name and naming context but is unable to receive the expected response. Considering the circumstances, which of the following is the most plausible reason for this situation?

Options

  • AThe Python version installed on the CEH's machine is incompatible with the Idap3 library
  • BThe secure LDAP connection was not properly initialized due to a lack of 'use_ssl = True' in the
  • CThe enumeration process was blocked by the target system's intrusion detection system
  • DThe system failed to establish a connection due to an incorrect port number

How the community answered

(64 responses)
  • A
    6% (4)
  • B
    77% (49)
  • C
    14% (9)
  • D
    3% (2)

Explanation

Explanation

When connecting to secure LDAP (LDAPS), the connection must be explicitly initialized with use_ssl=True in the ldap3 library; without this parameter, the connection defaults to standard (unencrypted) LDAP, meaning the secure server will reject or not respond as expected, causing the enumeration to fail silently. Option A is incorrect because Python version incompatibility would typically raise an installation or import error, preventing the script from running at all rather than producing missing responses. Option C is incorrect because an IDS block would more likely result in a connection timeout or refused connection error, not a successful connection with missing data. Option D is incorrect because an incorrect port would prevent the connection from being established entirely, which contradicts the scenario stating the connection was successfully established.

Memory Tip

Think of use_ssl=True as the "security handshake badge" - just like you can't enter a secure building without showing your badge, you can't successfully communicate with a secure LDAP server without explicitly declaring SSL in your connection parameters. If the badge is missing, you get in the door but no one talks to you!

Topics

#LDAP Enumeration#Secure LDAP#Python Scripting#SSL/TLS

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice