312-50v13 Practice Questions

During a penetration test at TechTrend Innovations in California, ethical hacker Jake Henderson reviews the company ' s web server exposure to network-based threats. He finds that the server is running with multiple open services and protocols that are not required for its operation, such as NetBIOS and SM

B.  

Which hardening measure should the IT team implement to mitigate this risk?

A penetration tester is investigating a web server that allows unrestricted file uploads without validating file types. Which technique should be used to exploit this vulnerability and potentially gain control of the server?

Which advanced session hijacking technique is hardest to detect and mitigate in a remote-access environment?

A hacker is analyzing a system that uses two rounds of symmetric encryption with different keys. To speed up key recovery, the attacker encrypts the known plaintext with all possible values of the first key and stores the intermediate ciphertexts. Then, they decrypt the final ciphertext using all possible values of the second key and compare the results to the stored values. Which cryptanalytic method does this approach represent?

A Nessus scan reveals a critical SSH vulnerability (CVSS 9.0) allowing potential remote code execution on a Linux server. What action should be immediately prioritized?

You must map open ports and services while remaining stealthy and avoiding IDS detection. Which scanning technique is best?

In Austin, Texas, ethical hacker Michael Reyes is conducting a red team exercise for Horizon Tech, a software development firm. During his assessment, Michael crafts a malicious link that appears to lead to the company ' s internal project management portal. When an unsuspecting employee clicks the link, it redirects them to a login session that Michael has already initialized with the server. After the employee logs in, Michael uses that session to access the portal in a controlled test, demonstrating a vulnerability to the IT team.

Which session hijacking technique is Michael using in this red team exercise?

At RedCore Motors, the IT security lead, Priya, is tasked with selecting a vulnerability management solution for their expanding hybrid infrastructure. During the evaluation, she prioritizes tools that support agent-based detection across endpoints, offer constant monitoring and alerting capabilities, and provide comprehensive visibility into both on-premises and cloud-based systems. After thorough testing, she selects a platform that promises to scan for vulnerabilities everywhere accurately and efficiently, aligning with her organization’s need for centralized visibility and real-time risk assessment.

Which vulnerability assessment tool did Priya MOST LIKELY select?

As a Certified Ethical Hacker evaluating a smart city project (traffic lights, public Wi-Fi, and water management), you find anomalous IoT network logs showing high-volume data exchange between a specific traffic light and an external IP address. Further investigation reveals an unexpectedly open port on that traffic light. What should be your subsequent course of action?

A penetration tester is tasked with identifying vulnerabilities on a web server running outdated software. The server hosts several web applications and is protected by a basic firewall. Which technique should the tester use to exploit potential server vulnerabilities?

In a highly secure online banking environment, customers report unauthorized access to their accounts despite robust authentication controls. Investigation reveals attackers are using advanced session hijacking techniques to perform fraudulent transactions. Which advanced session-hijacking attack, resembling a scenario-based attack, presents the greatest challenge to detect and mitigate?

A penetration tester needs to map open ports on a target network without triggering the organization’s intrusion detection systems (IDS), which are configured to detect standard scanning patterns and abnormal traffic volumes. To achieve this, the tester decides to use a method that leverages a third-party host to obscure the origin of the scan. Which scanning technique should be employed to accomplish this stealthily?

A financial institution in San Francisco suffers a breach where attackers install malware that captures customer account credentials. The stolen data is then sold on underground forums for profit. No political or social statements are made, and the attackers remain anonymous while continuing to target similar organizations for financial gain. Based on this activity, what category of hacker is most likely responsible?

A penetration tester discovers that a web application uses unsanitized user input to dynamically generate file paths. The tester identifies that the application is vulnerable to Remote File Inclusion (RFI). Which action should the tester take to exploit this vulnerability?

At TechTrend Innovations in Silicon Valley, network administrator Jake Henderson reviews the configuration of their web infrastructure. While inspecting the web server setup, he identifies the directory that stores the publicly accessible website content such as HTML files, images, and client-side scripts. Jake highlights this area as a frequent target for attackers, since improper permissions could expose sensitive files to unauthorized users.

Which web server component is Jake analyzing in this scenario?