312-50V13 Exam Questions
626 real 312-50V13 exam questions with expert-verified answers and explanations. Page 6 of 13.
- Question #252Enumeration
John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the IDAP service f...
LDAP EnumerationjxplorerDirectory ServicesInformation Gathering - Question #253Hacking Wireless Networks
This wireless security protocol allows 192-bit minimum-strength security protocols and cryptographic tools to protect sensitive data, such as GCMP-2S6. MMAC-SHA384, and ECDSA using...
Wireless security protocolsWPA3-EnterpriseCryptographic strengthWi-Fi standards - Question #254SQL Injection
Suppose that you test an application for the SQL injection vulnerability. You know that the backend database is based on Microsoft SQL Server. In the login/password form, you enter...
SQL injectionSQL syntaxcomment injectiondatabase queries - Question #255Vulnerability Analysis
A newly joined employee. Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator....
Vulnerability assessment typesHost-based assessmentSystem configuration securityInternal vulnerabilities - Question #256Enumeration
During the enumeration phase. Lawrence performs banner grabbing to obtain information such as OS details and versions of services running. The service that he enumerated runs direc...
Port 445SMBBanner GrabbingService Identification - Question #257IoT Hacking
George is a security professional working for iTech Solutions. He was tasked with securely transferring sensitive data of the organization between industrial systems. In this proce...
ZigbeeIEEE 802.15.4IoT Communication Protocols - Question #258Hacking Web Applications
Susan, a software developer, wants her web API to update other applications with the latest information. For this purpose, she uses a user-defined HTTP tailback or push APIs that a...
WebhooksAPI integrationReal-time updatesEvent-driven architecture - Question #259Social Engineering
Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming...
Social EngineeringQuid pro quoVishingImpersonation - Question #260SQL Injection
SQL injection (SQLi) attacks attempt to inject SQL syntax into web requests, which may bypass authentication and allow attackers to access and/or modify data attached to a web appl...
SQL InjectionOut-of-band SQLiDNS exfiltrationDatabase vulnerabilities - Question #261Scanning Networks
Andrew is an Ethical Hacker who was assigned the task of discovering all the active devices hidden by a restrictive firewall in the IPv4 range in a given target network. Which of t...
Host DiscoveryARP ScanFirewall EvasionNetwork Scanning - Question #262Social Engineering
Ralph, a professional hacker, targeted Jane, who had recently bought new systems for her company. After a few days, Ralph contacted Jane while masquerading as a legitimate customer...
social engineeringimpersonationphysical securityinformation gathering - Question #263Cloud Computing
Alice, a professional hacker, targeted an organization's cloud services. She infiltrated the targets MSP provider by sending spear-phishing emails and distributed custom-made malwa...
Cloud AttacksMSP SecuritySupply Chain Attacks - Question #264Cloud Computing
joe works as an it administrator in an organization and has recently set up a cloud computing service for the organization. To implement this service, he reached out to a telecom c...
NIST Cloud ModelCloud CarrierCloud RolesCloud Deployment - Question #265Footprinting and Reconnaissance
Emily, an extrovert obsessed with social media, posts a large amount of private information, photographs, and location tags of recently visited places. Realizing this. James, a pro...
OSINTSocial Media MonitoringInformation GatheringGeolocation - Question #266Cloud Computing
Annie, a cloud security engineer, uses the Docker architecture to employ a client/server model in the application she is working on. She utilizes a component that can process API r...
Docker architectureDocker daemonContainerization - Question #267Hacking Mobile Platforms
Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes WI-...
Mobile HackingiOS TrustjackingRemote AccessiTunes Wi-Fi Sync - Question #268System Hacking
what is the correct way of using MSFvenom to generate a reverse TCP shellcode for windows?
msfvenomreverse shellpayload generationWindows Hacking - Question #269Evading IDS, Firewalls, and Honeypots
which of the following information security controls creates an appealing isolated environment for hackers to prevent them from compromising critical targets while simultaneously g...
HoneypotSecurity ControlsDeception Technology - Question #270Scanning Networks
Consider the following Nmap output: What command-line parameter could you use to determine the type and version number of the web server?
Nmapport scanningservice version detectionreconnaissance tools - Question #271Hacking Web Servers
What are common files on a web server that can be misconfigured and provide useful Information for a hacker such as verbose error messages?
Web server configurationPHP configurationInformation disclosureVerbose errors - Question #272Introduction to Ethical Hacking
Infecting a system with malware and using phishing to gain credentials to a system or web application are examples of which phase of the ethical hacking methodology?
ethical hacking phasesgaining accessmalware deploymentphishing - Question #273Malware Threats
Which type of virus can change its own code and then cipher itself multiple times as it replicates?
MalwareVirus typesEncryptionPolymorphism - Question #274Social Engineering
You are a penetration tester working to test the user awareness of the employees of the client xyz. You harvested two employees' emails from some public sources and are creating a...
Cyber Kill ChainWeaponizationBackdoor creationPenetration testing - Question #275Hacking Web Servers
Samuel a security administrator, is assessing the configuration of a web server. He noticed that the server permits SSlv2 connections, and the same private key certificate is used...
SSL/TLS VulnerabilitiesDROWN AttackCryptographyWeb Server Security - Question #276Vulnerability Analysis
John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker Installed a scanner...
vulnerability scanningagent-based scannervulnerability assessmentinternal network scan - Question #277Evading IDS, Firewalls, and Honeypots
Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavio...
Evasion TechniquesNetwork ObfuscationProxy ActivitiesFast Flux - Question #278Cloud Computing
There are multiple cloud deployment options depending on how isolated a customer's resources are from those of other customers. Shared environments share the costs and allow each c...
Cloud ComputingCloud Deployment ModelsCommunity Cloud - Question #279Introduction to Ethical Hacking
Bob was recently hired by a medical company after it experienced a major cyber security breach. Many patients are complaining that their personal medical records are fully exposed...
Data PrivacyRegulationsHealthcare DataHIPAA - Question #280Introduction to Ethical Hacking
What is the common name for a vulnerability disclosure program opened by companies In platforms such as HackerOne?
Vulnerability disclosureBug bounty programEthical hacking engagementHackerOne - Question #281Footprinting and Reconnaissance
Which file is a rich target to discover the structure of a website during web-server footprinting?
Web server footprintingRobots.txtWebsite structureReconnaissance - Question #282Cryptography
John wants to send Marie an email that includes sensitive information, and he does not trust the network that he is connected to. Marie gives him the idea of using PGP. What should...
PGPAsymmetric EncryptionPublic Key CryptographyConfidentiality - Question #283Social Engineering
Attacker Steve targeted an organization's network with the aim of redirecting the company's web traffic to another malicious website. To achieve this goal, Steve performed DNS cach...
PharmingDNS cache poisoningWeb traffic redirectionIdentity theft - Question #284Footprinting and Reconnaissance
Wilson, a professional hacker, targets an organization for financial benefit and plans to compromise its systems by sending malicious emails. For this purpose, he uses a tool to tr...
Email reconnaissanceOSINTFootprinting toolsinfoga - Question #285Hacking Web Servers
While testing a web application in development, you notice that the web server does not properly ignore the "dot dot slash" (../) character string and instead returns the file list...
directory traversalweb server vulnerabilitiespath traversal - Question #286Scanning Networks
Henry Is a cyber security specialist hired by BlackEye - Cyber security solutions. He was tasked with discovering the operating system (OS) of a host. He used the Unkornscan tool t...
OS FingerprintingTTLNetwork ScanningReconnaissance - Question #287Cryptography
Ethical Hacker jane Doe is attempting to crack the password of the head of the it department of ABC company. She Is utilizing a rainbow table and notices upon entering a password t...
Password SecurityRainbow TablesSaltingHashing - Question #288Enumeration
which of the following protocols can be used to secure an LDAP service against anonymous queries?
LDAP SecurityAuthentication ProtocolsNTLMDirectory Services - Question #289Enumeration
Allen, a professional pen tester, was hired by xpertTech solutWns to perform an attack simul- ation on the organization's network resources. To perform the attack, he took advantag...
NetBIOS enumerationport 139messenger service - Question #290Evading IDS, Firewalls, and Honeypots
What firewall evasion scanning technique make use of a zombie system that has low network activity as well as its fragment identification numbers?
Idle scanningFirewall evasionZombie systemNetwork scanning - Question #291Session Hijacking
What is the first step for a hacker conducting a DNS cache poisoning (DNS spoofing) attack against an organization?
DNS cache poisoningDNS spoofingAttack methodologyDNS resolver - Question #292Hacking Wireless Networks
In an attempt to increase the security of your network, you Implement a solution that will help keep your wireless network undiscoverable and accessible only to those that know It....
Wireless SecuritySSID BroadcastingNetwork ConcealmentWLAN Configuration - Question #293IoT Hacking
what is the port to block first in case you are suspicious that an loT device has been compromised?
IoT SecurityMalware CommunicationCommand and ControlNetwork Defense - Question #294Evading IDS, Firewalls, and Honeypots
Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate data. He is using the NSTX tool for bypassing t...
DNS tunnelingFirewall evasionData exfiltrationPort 53NSTX - Question #295Vulnerability Analysis
Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network lo identify the active systems, network services, appl...
Vulnerability assessmentPassive assessmentNetwork sniffingReconnaissance - Question #296IoT Hacking
Bob, an attacker, has managed to access a target loT device. He employed an online tool to gather information related to the model of the loT device and the certifications granted...
IoT HackingReconnaissanceOSINTFCC ID - Question #297Hacking Web Servers
Larry, a security professional in an organization, has noticed some abnormalities In the user accounts on a web server. To thwart evolving attacks, he decided to harden the securit...
Web server hardeningAccount securityLeast privilegeSecurity best practices - Question #298Session Hijacking
Bella, a security professional working at an it firm, finds that a security breach has occurred while transferring important files. Sensitive data, employee usernames. and password...
Secure ProtocolsFile Transfer SecurityEncryptionData Confidentiality - Question #299Cloud Computing
Abel, a cloud architect, uses container technology to deploy applications/software including all its dependencies, such as libraries and configuration files, binaries, and other re...
ContainerizationCloud deploymentContainer architectureImage management - Question #300Hacking Wireless Networks
Which of the following Bluetooth hacking techniques refers to the theft of information from a wireless device through Bluetooth?
Bluetooth hackingWireless securityData theftBluesnarfing - Question #301Evading IDS, Firewalls, and Honeypots
If you send a TCP ACK segment to a known closed port on a firewall but it does not respond with an RST. What do you know about the firewall you are scanning?
TCP ACK scanStateful firewallFirewall detectionNetwork scanning