312-50V13 Exam Questions
626 real 312-50V13 exam questions with expert-verified answers and explanations. Page 11 of 13.
- Question #503Cryptography
Your company, SecureTech Inc., is planning to transmit some sensitive data over an unsecured communication channel. As a cyber security expert, you decide to use symmetric key encr...
symmetric encryptionkey exchangeDiffie-Hellmancryptographic protocols - Question #504SQL Injection
During an attempt to perform an SQL injection attack, a certified ethical hacker is focusing on the identification of database engine type by generating an ODBC error. The ethical...
SQL InjectionBlind SQL InjectionInformation GatheringError Handling - Question #505System Hacking
A malicious user has acquired a Ticket Granting Service from the domain controller using a valid user's Ticket Granting Ticket in a Kerberoasting attack. He exhorted the TGS ticket...
KerberoastingKerberosService Account SecurityIncident Response - Question #506Scanning Networks
An ethical hacker is hired to conduct a comprehensive network scan of a large organization that strongly suspects potential intrusions into their internal systems. The hacker decid...
Network scanningHost discoveryPort scanningHping3 Nmap - Question #507Cryptography
You are the chief cybersecurity officer at CloudSecure Inc., and your team is responsible for securing a cloudbased application that handles sensitive customer data. To ensure that...
Data in TransitIPsecSSL/TLSData Integrity - Question #508Hacking Web Servers
As part of a college project, you have set up a web server for hosting your team's application. Given your interest in cybersecurity, you have taken the lead in securing the server...
Web Server SecurityServer MisconfigurationSecurity AuditsAttack Prevention - Question #509Enumeration
You are an ethical hacker tasked with conducting an enumeration of a company's network. Given a Windows system with NetBIOS enabled, port 139 open, and file and printer sharing act...
NetBIOS EnumerationIPv6nbtstatEnumeration Tools - Question #510Cryptography
You are the lead cybersecurity analyst at a multinational corporation that uses a hybrid encryption system to secure inter-departmental communications. The system uses RSA encrypti...
symmetric encryptionAEScryptographic algorithmskey strength - Question #511Evading IDS, Firewalls, and Honeypots
As a part of an ethical hacking exercise, an attacker is probing a target network that is suspected to employ various honeypot systems for security. The attacker needs to detect an...
Honeypot detectionEvasion techniquesBrute force attackNetwork reconnaissance - Question #512Footprinting and Reconnaissance
A penetration tester is tasked with gathering information about the subdomains of a target organization's website. The tester needs a versatile and efficient solution for the task....
Subdomain EnumerationReconnaissanceOSINTSublist3r - Question #513Footprinting and Reconnaissance
In the process of footprinting a target website, an ethical hacker utilized various tools to gather critical information. The hacker encountered a target site where standard web sp...
FootprintingWeb SpideringBurp SuiteTraffic Monitoring - Question #514Cryptography
Your company, Encryptor Corp, is developing a new application that will handle highly sensitive user information. As a cybersecurity specialist, you want to ensure this data is sec...
Digital SignaturesData IntegrityCryptographic MechanismsMessage Authentication - Question #515Malware Threats
An organization has been experiencing intrusion attempts despite deploying an Intrusion Detection System (IDS) and Firewalls. As a Certified Ethical Hacker, you are asked to reinfo...
YARA rulesMalware detectionIntrusion Detection System (IDS)Rule generation - Question #516Enumeration
Being a Certified Ethical Hacker (CEH), a company has brought you on board to evaluate the safety measures in place for their network system. The company uses a network time protoc...
NTP enumerationntptrace commandNetwork tracing - Question #517Denial-of-Service
A large enterprise has been experiencing sporadic system crashes and instability, resulting in limited access to its web services. The security team suspects it could be a result o...
Denial of Service (DoS)Ping of DeathOversized PacketsNetwork Attacks - Question #518Introduction to Ethical Hacking
A cyber attacker has initiated a series of activities against a high-profile organization following the Cyber Kill Chain Methodology. The attacker is presently in the "Delivery" st...
Cyber Kill Chainattack lifecycledelivery stageexploitation - Question #519Social Engineering
An experienced cyber attacker has created a fake Linkedin profile, successfully impersonating a high- ranking official from a well-established company, to execute a social engineer...
Social EngineeringWhalingImpersonationTargeted Attacks - Question #520Sniffing
A large corporate network is being subjected to repeated sniffing attacks. To increase security, the company's IT department decides to implement a combination of several security...
Sniffing countermeasuresNetwork monitoringThreat detection - Question #521Social Engineering
During a reconnaissance mission, an ethical hacker uses Maltego, a popular footprinting tool, to collect information about a target organization. The information includes the targe...
Social EngineeringFootprintingReconnaissanceInformation Gathering - Question #522Vulnerability Analysis
In the process of implementing a network vulnerability assessment strategy for a tech company, the security analyst is confronted with the following scenarios: 1) A legacy applicat...
Vulnerability ScanningVulnerability AssessmentTool LimitationsSoftware Reliability - Question #523Sniffing
In a large organization, a network security analyst discovered a series of packet captures that seem unusual. The network operates on a switched Ethernet environment. The security...
SniffingSwitched NetworksMAC FloodingNetwork Attacks - Question #524SQL Injection
While performing a security audit of a web application, an ethical hacker discovers a potential vulnerability. The application responds to logically incorrect queries with detailed...
SQL InjectionError-based SQL InjectionWeb Application HackingVulnerability Exploitation - Question #525Malware Threats
A security analyst is preparing to analyze a potentially malicious program believed to have infiltrated an organization's network. To ensure the safety and integrity of the product...
Malware AnalysisSecurity Best PracticesIsolated EnvironmentSecure File Transfer - Question #526System Hacking
A network security analyst, while conducting penetration testing, is aiming to identify a service account password using the Kerberos authentication protocol. They have a valid use...
KerberoastingActive Directory securityService ticketsPassword cracking - Question #527Cloud Computing
As a security analyst for Sky Secure Inc., you are working with a client that uses a multi-cloud strategy, utilizing services from several cloud providers. The client wants to impl...
Cloud SecurityMulti-cloud StrategyCASBUnified Security Management - Question #528Session Hijacking
During a red team engagement, an ethical hacker is tasked with testing the security measures of an organization's wireless network. The hacker needs to select an appropriate tool t...
Session HijackingWireless Network HackingHacking ToolsWPA-PSK - Question #529Malware Threats
An IT security team is conducting an internal review of security protocols in their organization to identify potential vulnerabilities. During their investigation, they encounter a...
KeyloggerMalware detectionIntrusion Detection System (IDS)Security controls - Question #530Cryptography
You are the chief security officer at AlphaTech, a tech company that specializes in data storage solutions. Your company is developing a new cloud storage platform where users can...
Symmetric EncryptionKey ManagementKey ExchangeDiffie-Hellman - Question #531Enumeration
A penetration tester is performing an enumeration on a client's network. The tester has acquired permission to perform enumeration activities. They have identified a remote inter-p...
EnumerationIPC ShareBrute ForceCredential Attack - Question #532Vulnerability Analysis
A cybersecurity analyst in an organization is using the Common Vulnerability Scoring System to assess and prioritize identified vulnerabilities in their IT infrastructure. They enc...
CVSSvulnerability scoringvulnerability analysisrisk assessment - Question #533IoT Hacking
You are a cybersecurity consultant for a healthcare organization that utilizes Internet of Medical Things (IoMT) devices, such as connected insulin pumps and heart rate monitors, t...
IoMT SecurityNetwork SegmentationIoT DevicesHealthcare Security - Question #534Cryptography
As a cybersecurity consultant for SafePath Corp, you have been tasked with implementing a system for secure email communication. The key requirement is to ensure both confidentiali...
CryptographyNon-repudiationConfidentialityDigital Signatures - Question #535Denial-of-Service
An audacious attacker is targeting a web server you oversee. He intends to perform a Slow HTTP POST attack, by manipulating 'a' HTTP connection. Each connection sends a byte of dat...
Slow HTTP POSTDenial-of-Service (DoS)Resource exhaustionWeb server attack - Question #536Session Hijacking
Jake, a network security specialist, is trying to prevent network-level session hijacking attacks in his company. While studying different types of such attacks, he learns about a...
Session HijackingMan-in-the-middleARP SpoofingPacket Rerouting - Question #537Denial-of-Service
A well-resourced attacker intends to launch a highly disruptive DDoS attack against a major online retailer. The attacker aims to exhaust all the network resources while keeping th...
DDoS AttackBotnetVolumetric AttackAttack Strategy - Question #538SQL Injection
As a cybersecurity professional, you are responsible for securing a high-traffic web application that uses MySQL as its backend database. Recently, there has been a surge of unauth...
SQL InjectionInput Filtering BypassEncoding AttacksWeb Application Security - Question #539Hacking Mobile Platforms
As a cybersecurity analyst for SecureNet, you are performing a security assessment of a new mobile payment application. One of your primary concerns is the secure storage of custom...
Mobile securityData at rest protectionEncryptionApplication security - Question #540Hacking Wireless Networks
You are an ethical hacker contracted to conduct a security audit for a company. During the audit, you discover that the company's wireless network is using WEP encryption. You unde...
Wireless securityWEP vulnerabilitiesWPA2-PSKEncryption standards - Question #541Denial-of-Service
A sophisticated attacker targets your web server with the intent to execute a Denial of Service (DoS) attack. His strategy involves a unique mixture of TCP SYN, UDP, and ICMP flood...
Denial of ServiceDoS AttackPacket FloodingWeb Server Security - Question #542Hacking Web Servers
You have been hired as an intern at a start-up company. Your first task is to help set up a basic web server for the company's new website. The team leader has asked you to make su...
Web Server SecurityPatch ManagementVulnerability ManagementSecurity Best Practices - Question #543Denial-of-Service
Your network infrastructure is under a SYN flood attack. The attacker has crafted an automated botnet to simultaneously send 's' SYN packets per second to the server. You have put...
SYN floodDenial of Service (DoS)Network OverloadAttack Impact - Question #544Footprinting and Reconnaissance
A certified ethical hacker is conducting a Whois footprinting activity on a specific domain. The individual is leveraging various tools such as Batch IP Converter and Whols Analyze...
WhoisFootprintingThin Whois modelReconnaissance - Question #545Footprinting and Reconnaissance
Your company suspects a potential security breach and has hired you as a Certified Ethical Hacker to investigate. You discover evidence of footprinting through search engines and a...
Google HackingFootprintingSearch OperatorsOSINT - Question #546Hacking Web Servers
In your cybersecurity class, you are learning about common security risks associated with web servers. One topic that comes up is the risk posed by using default server settings. W...
Web Server SecurityDefault SettingsInformation DisclosureServer Hardening - Question #547Scanning Networks
A skilled ethical hacker was assigned to perform a thorough OS discovery on a potential target. They decided to adopt an advanced fingerprinting technique and sent a TCP packet to...
OS FingerprintingTCP FlagsECN ScanningNetwork Scanning - Question #548Vulnerability Analysis
An IT company has just implemented new security controls to their network and system setup. As a Certified Ethical Hacker, your responsibility is to assess the possible vulnerabili...
Vulnerability AssessmentSecurity MisconfigurationsInitial Assessment StrategySystem Hardening - Question #549Enumeration
An ethical hacker has been tasked with assessing the security of a major corporation's network. She suspects the network uses default SNMP community strings. To exploit this, she p...
SNMP EnumerationInformation GatheringNetwork Scanning ToolsDefault Community Strings - Question #550Footprinting and Reconnaissance
Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?
MaltegoOSINTReconnaissanceLink Analysis - Question #551Hacking Web Applications
Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users...
web application attackCross-Site Scriptingclient-side script injectionXSS - Question #552Hacking Wireless Networks
This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with som...
Aircrack-ngWEP CrackingWPA-PSK CrackingWireless Hacking Tools