312-50V13 Exam Questions
626 real 312-50V13 exam questions with expert-verified answers and explanations. Page 5 of 13.
- Question #202System Hacking
The network team has well-established procedures to follow for creating new rules on the firewall. This includes having approval from a manager prior to implementing any new rules....
firewall managementchange managementsecurity policyincident response - Question #203Introduction to Ethical Hacking
The Payment Card Industry Data Security Standard (PCI DSS) contains six different categories of control objectives. Each objective contains one or more requirements, which must be...
PCI DSSaccess controlunique user IDscompliance - Question #204System Hacking
Nedved is an IT Security Manager of a bank in his country. One day. he found out that there is a security breach to his company's email server based on analysis of a suspicious con...
incident responsecontainmentnetwork isolationsecurity breach - Question #205Social Engineering
Vlady works in a fishing company where the majority of the employees have very little understanding of IT let alone IT Security. Several information security issues that Vlady ofte...
Information Security AwarenessSecurity TrainingHuman Factor SecuritySecurity Best Practices - Question #206Footprinting and Reconnaissance
Clark, a professional hacker, was hired by an organization lo gather sensitive Information about its competitors surreptitiously. Clark gathers the server IP address of the target...
footprintingreconnaissanceWHOISARIN - Question #207IoT Hacking
Jim, a professional hacker, targeted an organization that is operating critical Industrial Infrastructure. Jim used Nmap to scan open pons and running services on systems connected...
NmapOT networkEthernet/IPICS hacking - Question #208Hacking Wireless Networks
There have been concerns in your network that the wireless network component is not sufficiently secure. You perform a vulnerability scan of the wireless network and find that it i...
Wireless securityWEPEncryption protocols - Question #209Introduction to Ethical Hacking
Attacker Lauren has gained the credentials of an organization's internal server system, and she was often logging in during irregular times to monitor the network activities. The o...
Incident HandlingIncident ResponseIncident TriageCybersecurity Operations - Question #210Vulnerability Analysis
David is a security professional working in an organization, and he is implementing a vulnerability management program in the organization to evaluate and control the risks and vul...
Vulnerability ManagementRemediationVulnerability Life CycleSecurity Operations - Question #211Introduction to Ethical Hacking
Widespread fraud ac Enron. WorldCom, and Tyco led to the creation of a law that was designed to improve the accuracy and accountability of corporate disclosures. It covers accounti...
ComplianceRegulationsSarbanes-OxleyCorporate Governance - Question #212Sniffing
Robin, a professional hacker, targeted an organization's network to sniff all the traffic. During this process. Robin plugged in a rogue switch to an unused port in the LAN with a...
STP attackRogue switchRoot bridgeNetwork sniffing - Question #213Denial-of-Service
Abel, a security professional, conducts penetration testing in his client organization to check for any security loopholes. He launched an attack on the DHCP servers by broadcastin...
DHCP starvationDenial of ServiceNetwork attacks - Question #214System Hacking
At what stage of the cyber kill chain theory model does data exfiltration occur?
Cyber Kill ChainData ExfiltrationAttack MethodologyActions on Objectives - Question #215Scanning Networks
Techno Security Inc. recently hired John as a penetration tester. He was tasked with identifying open ports in the target network and determining whether the ports are online and a...
NmapTCP SYN scanping scannetwork reconnaissance - Question #216System Hacking
Ricardo has discovered the username for an application in his targets environment. As he has a limited amount of time, he decides to attempt to use a list of common passwords he fo...
Password CrackingDictionary AttackAuthentication Attack - Question #217IoT Hacking
Richard, an attacker, aimed to hack loT devices connected to a target network. In this process. Richard recorded the frequency required to share information between connected devic...
Replay attackIoT hackingWireless securitySignal injection - Question #218Cryptography
This form of encryption algorithm is asymmetric key block cipher that is characterized by a 128-bit block size, and its key size can be up to 256 bits. Which among the following is...
TwofishEncryption AlgorithmsBlock CiphersSymmetric Encryption - Question #219Vulnerability Analysis
Sam is working as a system administrator In an organization. He captured the principal characteristics of a vulnerability and produced a numerical score to reflect Its severity usi...
CVSS v3.0Vulnerability scoringSeverity levels - Question #220Hacking Wireless Networks
jane invites her friends Alice and John over for a LAN party. Alice and John access Jane's wireless network without a password. However. Jane has a long, complex password on her ro...
Evil twin attackWireless access point spoofingMan-in-the-middleWireless security - Question #221Introduction to Ethical Hacking
Nicolas just found a vulnerability on a public-facing system that is considered a zero-day vulnerability. He sent an email to the owner of the public system describing the problem...
Hacker typesZero-day vulnerabilityResponsible disclosureEthical hacking - Question #222Hacking Wireless Networks
You are a penetration tester tasked with testing the wireless network of your client Brakeme SA. You are attempting to break into the wireless network with the SSID "Brakeme-lntern...
Wireless SecurityWPA3DragonbloodVulnerabilities - Question #223Malware Threats
To invisibly maintain access to a machine, an attacker utilizes a toolkit that sits undetected In the core components of the operating system. What is this type of rootkit an examp...
RootkitKernel rootkitMalware persistenceOperating system components - Question #224Cryptography
Alice needs to send a confidential document to her coworker. Bryan. Their company has public key infrastructure set up. Therefore. Alice both encrypts the message and digitally sig...
Public Key CryptographyAsymmetric EncryptionDigital SignaturesConfidentiality - Question #225Cryptography
What piece of hardware on a computer's motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possibl...
TPMHardware SecurityEncryption KeysSecure Storage - Question #226Malware Threats
Security administrator John Smith has noticed abnormal amounts of traffic coming from local computers at night. Upon reviewing, he finds that user data have been exfilltrated by an...
Malware typesFile-less malwareWhitelisting bypassEvasion techniques - Question #227Footprinting and Reconnaissance
Taylor, a security professional, uses a tool to monitor her company's website, analyze the website's traffic, and track the geographical location of the users visiting the company'...
Web analyticsWebsite monitoringTraffic analysisGeographical tracking - Question #228Hacking Web Applications
Gilbert, a web developer, uses a centralized web API to reduce complexity and increase the Integrity of updating and changing data. For this purpose, he uses a web service that use...
Web ServicesAPI TypesRESTful APIHTTP Methods - Question #229Footprinting and Reconnaissance
Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the at...
DNS FootprintingReconnaissance ToolsDNS EnumerationInformation Gathering - Question #230Session Hijacking
Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a...
Session donation attackSession IDMITMWeb security - Question #231Enumeration
Which of the following commands checks for valid users on an SMTP server?
SMTPEnumerationUser enumerationVRFY command - Question #232Hacking Wireless Networks
Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints t...
Wireless attackMan-in-the-MiddleLTE securitySession hijacking - Question #233Vulnerability Analysis
in the Common Vulnerability Scoring System (CVSS) v3.1 severity ratings, what range does medium vulnerability fall in?
CVSSvulnerability severityscore ranges - Question #234Hacking Mobile Platforms
What is the file that determines the basic configuration (specifically activities, services, broadcast receivers, etc.) in an Android application?
Android application structureAndroidManifest.xmlMobile application configurationApplication components - Question #235Malware Threats
A friend of yours tells you that he downloaded and executed a file that was sent to him by a coworker. Since the file did nothing when executed, he asks you for help because he sus...
Malware detectionTrojan analysisnetstatnetwork connections - Question #236Enumeration
Garry is a network administrator in an organization. He uses SNMP to manage networked devices from a remote location. To manage nodes in the network, he uses MIB. which contains fo...
SNMPMIBNetwork ManagementLNMIB2.MIB - Question #237Social Engineering
An attacker redirects the victim to malicious websites by sending them a malicious link by email. The link appears authentic but redirects the victim to a malicious web page, which...
PhishingSocial EngineeringEmail attacksMalicious links - Question #238Social Engineering
Steve, an attacker, created a fake profile on a social media website and sent a request to Stella. Stella was enthralled by Steve's profile picture and the description given for hi...
Social engineeringHoney trapOnline impersonationInformation gathering - Question #239SQL Injection
Daniel Is a professional hacker who Is attempting to perform an SQL injection attack on a target Injection attempts based on predefined signatures. To evade any comparison statemen...
SQL injectionWAF evasionsignature bypassquery variation - Question #240Social Engineering
While browsing his Facebook teed, Matt sees a picture one of his friends posted with the caption. "Learn more about your friends!", as well as a number of personal questions. Matt...
social engineeringsecurity questionsinformation disclosurephishing - Question #241Footprinting and Reconnaissance
Jane, an ethical hacker, is testing a target organization's web server and website to identify security loopholes. In this process, she copied the entire website and its content on...
website mirroringreconnaissancefootprintinginformation gathering - Question #242Vulnerability Analysis
An organization is performing a vulnerability assessment tor mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on th...
Vulnerability AssessmentInference-based AssessmentService IdentificationPenetration Testing - Question #243System Hacking
Scenario: Joe turns on his home computer to access personal online banking. When he enters as if he has never visited the site before. When he examines the website URL closer, he f...
DNS HijackingPhishingWeb SecurityOnline Banking Security - Question #244System Hacking
Harry. a professional hacker, targets the IT infrastructure of an organization. After preparing for the attack, he attempts to enter the target network using techniques such as sen...
APT LifecycleInitial IntrusionSpear PhishingVulnerability Exploitation - Question #245Social Engineering
Sam, a professional hacker. targeted an organization with intention of compromising AWS IAM credentials. He attempted to lure one of the employees of the organization by initiating...
Social engineeringPhishingPretextingCredential theft - Question #246SQL Injection
Ethical hacker jane Smith is attempting to perform an SQL injection attach. She wants to test the response time of a true or false response and wants to use a second command to det...
SQL InjectionTime-based SQL InjectionBoolean-based SQL Injection - Question #247Footprinting and Reconnaissance
In order to tailor your tests during a web-application scan, you decide to determine which web- server version is hosting the application. On using the sV flag with Nmap. you obtai...
NmapBanner GrabbingInformation GatheringService Version Detection - Question #248Hacking Web Applications
Jason, an attacker, targeted an organization to perform an attack on its Internet-facing web server with the intention of gaining access to backend servers, which are protected by...
SSRFServer-Side Request ForgeryWeb application vulnerabilityInternal network access - Question #249Hacking Wireless Networks
Attacker Rony Installed a rogue access point within an organization's perimeter and attempted to Intrude into its internal network. Johnson, a security auditor, identified some unu...
Rogue access pointWireless securityVulnerability assessmentNetwork intrusion - Question #250Enumeration
What would be the fastest way to perform content enumeration on a given web server by using the Gobuster tool?
GobusterContent EnumerationWeb Server HackingWordlists - Question #251Vulnerability Analysis
Bill is a network administrator. He wants to eliminate unencrypted traffic inside his company's network. He decides to setup a SPAN port and capture all traffic to the datacenter....
SNMPNetwork Protocol SecurityPort IdentificationUnencrypted Traffic