Browse Exams Pricing

Exams312-50V13Questions

312-50V13 Exam Questions

626 real 312-50V13 exam questions with expert-verified answers and explanations. Page 8 of 13.

Question #352Scanning Networks
An attacker scans a host with the below command. Which three flags are set? # nmap sX host.domain.com
NmapXmas scanTCP flagsport scanning
Question #353Introduction to Ethical Hacking
If executives are found liable for not properly protecting their company's assets and information systems, what type of law would apply in this situation?
legal aspectsliabilityinformation security lawcivil law
Question #354Introduction to Ethical Hacking
Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?
access controlSSOauthenticationidentity management
Question #355Scanning Networks
What would you enter if you wanted to perform a stealth scan using Nmap?
Nmapstealth scanSYN scanport scanning
Question #356Cryptography
Which protocol is used for setting up secure channels between two devices, typically in VPNs?
IPSecVPNsecure communicationnetwork protocols
Question #357Scanning Networks
You have compromised a server on a network and successfully opened a shell. You aimed to identify all operating systems running on the network. However, as you attempt to fingerpri...
NmapOS detectionprivilege escalationscanning issues
Question #358System Hacking
What is the most common method to exploit the "Bash Bug" or "Shellshock" vulnerability?
ShellshockBash vulnerabilityCGI exploitationWeb server attacks
Question #359Scanning Networks
Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results? TCP p...
Firewalkfirewall bypassport scanningTTL exceeded
Question #360System Hacking
#!/usr/bin/python import socket buffer=[""A""] counter=50 while len(buffer)<=100: buffer.append (""A""*counter) counter=counter+50 commands= [""HELP"",""STATS ."",""RTIME ."",""LTI...
Buffer overflowPython scriptingexploit developmentfuzzing
Question #361Hacking Web Applications
Which tier in the N-tier application architecture is responsible for moving and processing data between the tiers?
N-tier architectureLogic tierapplication architecture
Question #362Social Engineering
In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from it...
PharmingPhishingsocial engineeringDNS poisoning
Question #363Hacking Wireless Networks
When configuring wireless on his home router, Javik disables SSID broadcast. He leaves authentication "open" but sets the SSID to a 32-character string of random letters and number...
Wireless securitySSID broadcastWPA/WPA2wireless hacking
Question #364Malware Threats
Chandler works as a pen-tester in an IT-firm in New York. As a part of detecting viruses in the systems, he uses a detection method where the anti-virus executes the malicious code...
Code emulationmalware analysissandboxantivirus
Question #365Sniffing
Which of the following statements is TRUE?
Packet snifferOSI modelData Link Layernetwork fundamentals
Question #366Hacking Web Applications
Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppo...
Insecure Direct Object Reference (IDOR)Web application vulnerabilitiesAccess control bypassVulnerability exploitation
Question #367Vulnerability Analysis
Mary found a high vulnerability during a vulnerability scan and notified her server team. After analysis, they sent her proof that a fix to that issue had already been applied. The...
Vulnerability scanFalse positiveSecurity assessmentScan results
Question #368Footprinting and Reconnaissance
What is the least important information when you analyze a public IP address in a security alert?
IP address analysisWhoisDNS lookupGeolocation
Question #369Malware Threats
You are a security officer of a company. You had an alert from IDS that indicates that one PC on your Intranet is connected to a blacklisted IP address (C2 Server) on the Internet....
Incident responseC2 serverFirewall logsmalware communication
Question #370Hacking Wireless Networks
Which of the following antennas is commonly used in communications for a frequency band of 10 MHz to VHF and UHF?
Yagi antennawireless communicationRF frequenciesantenna types
Question #371Hacking Wireless Networks
From the following table, identify the wrong answer in terms of Range (ft). Standard Range (ft) 802.11a 150150 802.11b 150150 802.11g 150150 802.16 (WiMax) 30 miles
Wireless standards802.11WiMaxwireless range
Question #372System Hacking
Which tool can be used to silently copy files from USB devices?
USB Dumperdata exfiltrationphysical securityinsider threat
Question #373Introduction to Ethical Hacking
A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT...
Security policiesremote access policydial-up modemsnetwork security
Question #374Scanning Networks
ping* 6 192.168.0.101 Output: Pinging 192.168.0.101 with 32 bytes of data: Reply from 192.168.0.101: bytes=32 time<1ms TTL=128 Reply from 192.168.0.101: bytes=32 time<1ms TTL=128...
Ping commandnetwork diagnosticscommand-line toolsICMP
Question #375Hacking Wireless Networks
Which of the following is a passive wireless packet analyzer that works on Linux-based systems?
Wireless packet analysisKismetNetwork sniffingLinux tools
Question #376Hacking Web Applications
A company's Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploit...
Cross-site scripting (XSS)Web application vulnerabilityInput validationVulnerability mitigation
Question #377Introduction to Ethical Hacking
On performing a risk assessment, you need to determine the potential impacts when some of the critical business processes of the company interrupt its service. What is the name of...
Business Impact AnalysisBIAdisaster recoveryrisk assessment
Question #378Hacking Web Applications
What type of a vulnerability/attack is it when the malicious person forces the user's browser to send an authenticated request to a server?
CSRFweb attackbrowser security
Question #379Hacking Web Applications
Websites and web portals that provide web services commonly use the Simple Object Access Protocol (SOAP). Which of the following is an incorrect definition or characteristics of th...
SOAPweb servicesprotocolsXML
Question #380Footprinting and Reconnaissance
A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public facing web servers. The engineer...
banner grabbingNetcatweb server information disclosurereconnaissance
Question #381Scanning Networks
The network in ABC company is using the network address 192.168.1.64 with mask 255.255.255.192. In the network the servers are in the addresses 192.168.1.122, 192.168.1.123 and 192...
NmapNetwork ScanningSubnettingCIDR Notation
Question #382Hacking Web Applications
An attacker changes the profile information of a particular user (victim) on the target website. The attacker uses this string to update the victim's profile to a text file and the...
Cross-Site Request ForgeryWeb Application AttacksHTTP GET/POST
Question #383Evading IDS, Firewalls, and Honeypots
Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?
Metasploit FrameworkPayload EncodingAV EvasionPenetration Testing Tools
Question #384Hacking Web Applications
When you are testing a web application, it is very useful to employ a proxy tool to save every request and response. You can manually test every request and analyze the response to...
Burp Suiteweb application proxyvulnerability testingpenetration testing tools
Question #385Scanning Networks
Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?
Nmapnetwork scanningscan timingstealth
Question #386Cloud Computing
Geena, a cloud architect, uses a master component in the Kubernetes cluster architecture that scans newly generated pods and allocates a node to them. This component can also assig...
Kuberneteskube-schedulercloud architecturepod management
Question #387Social Engineering
_________ is a type of phishing that targets high-profile executives such as CEOs, CFOs, politicians, and celebrities who have access to confidential and highly valuable informatio...
phishingwhaling attacksocial engineeringtargeted attack
Question #388Session Hijacking
Peter, a system administrator working at a reputed IT firm, decided to work from his home and login remotely. Later, he anticipated that the remote connection could be exposed to s...
VPNremote access securityencryptionsession hijacking prevention
Question #389Social Engineering
An attacker can employ many methods to perform social engineering against unsuspecting employees, including scareware. What is the best example of a scareware attack?
scarewaresocial engineeringmalwarephishing
Question #390Introduction to Ethical Hacking
Bill has been hired as a penetration tester and cyber security auditor for a major credit card company. Which information security standard is most applicable to his role?
PCI DSScomplianceinformation security standardspenetration testing
Question #391Cryptography
Tony wants to integrate a 128-bit symmetric block cipher with key sizes of 128,192, or 256 bits into a software program, which involves 32 rounds of computational operations that i...
symmetric encryptionblock cipherSerpentcryptography algorithms
Question #392Hacking Wireless Networks
Morris, an attacker, wanted to check whether the target AP is in a locked state. He attempted using different utilities to identify WPS-enabled APs in the target wireless network....
WPS attackwireless hacking toolswashaccess point
Question #393Malware Threats
What type of virus is most likely to remain undetected by antivirus software?
stealth virusmalwareantivirus evasionvirus types
Question #394Hacking Mobile Platforms
Ben purchased a new smartphone and received some updates on it through the OTA method. He received two messages: one with a PIN from the network operator and another asking him to...
SMS phishingsmishingmobile securitysocial engineering
Question #395Vulnerability Analysis
Jack, a professional hacker, targets an organization and performs vulnerability scanning on the target web server to identify any possible weaknesses, vulnerabilities, and misconfi...
Vulnerability scanningWeb application securityAutomated scanning toolsNetsparker
Question #396Social Engineering
Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target...
spear phishingmalicious attachmentsocial engineeringICS attack
Question #397Scanning Networks
Shiela is an information security analyst working at HiTech Security Solutions. She is performing service version discovery using Nmap to obtain information about the running servi...
Nmapservice version detectionnetwork scanningport scanning
Question #398Hacking Mobile Platforms
Kate dropped her phone and subsequently encountered an issue with the phone's internal speaker. Thus, she is using the phone's loudspeaker for phone calls and other activities. Bob...
Spearphone attackmobile phone hackinghardware exploitationspeech privacy
Question #399Vulnerability Analysis
Jude, a pen tester, examined a network from a hacker's perspective to identify exploits and vulnerabilities accessible to the outside world by using devices such as firewalls, rout...
Vulnerability assessmentExternal assessmentPenetration testingNetwork security
Question #400Introduction to Ethical Hacking
Roma is a member of a security team. She was tasked with protecting the internal network of an organization from imminent threats. To accomplish this task, Roma fed threat intellig...
threat intelligencetechnical threat intelligencenetwork securitymalicious traffic
Question #401Footprinting and Reconnaissance
Becky has been hired by a client from Dubai to perform a penetration test against one of their remote offices. Working from her location in Columbus, Ohio, Becky runs her usual rec...
WhoisRegional Internet RegistryRIPE NCCreconnaissance

PreviousPage 8 of 13Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.