Download Certified Ethical Hacker v12 Exam.312-50v12.PassLeader.2025-04-13.262q.vcex

Vendor: ECCouncil
Exam Code: 312-50v12
Exam Name: Certified Ethical Hacker v12 Exam
Date: Apr 13, 2025
File Size: 403 KB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: TAURUSSIM_20OFF

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker installed a scanner on a machine belonging to one of the victims and scanned several machines on the same network to identify vulnerabilities to perform further exploitation. What is the type of vulnerability assessment tool employed by John in the above scenario? 
 
  1. Agent-based scanner 
  2. Network-based scanner 
  3. Cluster scanner 
  4. Proxy scanner  
Correct answer: A
Explanation:
* Network-Based Scanner: Network-based scanners are those that interact only with the real machine where they reside and give the report to the same machine after scanning. * Agent-Based Scanner: Agent-based scanners reside on a single machine but can scan several machines on the same network. * Proxy Scanner: Proxy scanners are the network-based scanners that can scan networks from any machine on the network. * Cluster scanner: Cluster scanners are similar to proxy scanners, but they can simultaneously perform two or more scans on different machines in the network. 
* Network-Based Scanner: Network-based scanners are those that interact only with the real machine where they reside and give the report to the same machine after scanning. 
* Agent-Based Scanner: Agent-based scanners reside on a single machine but can scan several machines on the same network. 
* Proxy Scanner: Proxy scanners are the network-based scanners that can scan networks from any machine on the network. 
* Cluster scanner: Cluster scanners are similar to proxy scanners, but they can simultaneously perform two or more scans on different machines in the network. 
Question 2
Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes in these websites and injected a malicious script that can redirect users from the web page and download malware onto a victim's machine. Joel waits for the victim to access the infected web application so as to compromise the victim's machine. 
Which of the following techniques is used by Joel in the above scenario? 
 
  1. Watering hole attack                                                                                 
  2. DNS rebinding attack 
  3. MarioNet attack 
  4. Clickjacking attack  
Correct answer: A
Explanation:
It is a type of unvalidated redirect attack whereby the attacker first identifies the most visited website of the target, determines the vulnerabilities in the website, injects malicious code into the vulnerable web application, and then waits for the victim to browse the website. Once the victim tries to access the website, the malicious code executes, infecting the victim. 
It is a type of unvalidated redirect attack whereby the attacker first identifies the most visited website of the target, determines the vulnerabilities in the website, injects malicious code into the vulnerable web application, and then waits for the victim to browse the website. Once the victim tries to access the website, the malicious code executes, infecting the victim. 
Question 3
Security administrator John Smith has noticed abnormal amounts of traffic coming from local computers at night. Upon reviewing, he finds that user data have been exfiltrated by an attacker. AV tools are unable to find any malicious software, and the IDS/IPS has not reported on any non-whitelisted programs. 
What type of malware did the attacker use to bypass the company's application whitelisting? 
 
  1. File-less malware 
  2. Zero-day malware 
  3. Phishing malware 
  4. Logic bomb malware  
Correct answer: A
Explanation:
In this scenario, the attacker used file-less malware to bypass the company's application whitelisting. File-less malware resides entirely in memory, making it difficult for antivirus software and IDS/IPS to detect. It can run in the context of a trusted process or system application, and can be delivered through various attack vectors, including phishing emails, malicious websites, or network exploits. 
In this scenario, the attacker used file-less malware to bypass the company's application whitelisting. File-less malware resides entirely in memory, making it difficult for antivirus software and IDS/IPS to detect. It can run in the context of a trusted process or system application, and can be delivered through various attack vectors, including phishing emails, malicious websites, or network exploits. 
Question 4
Scenario: Joe turns on his home computer to access personal online banking. When he enters the URL www.bank.com, the website is displayed, but it prompts him to re-enter his credentials as if he has never visited the site before. When he examines the website URL closer, he finds that the site is not secure and the web address appears different. What type of attack he is experiencing? 
 
  1. DHCP spoofing 
  2. DoS attack 
  3. ARP cache poisoning 
  4. DNS hijacking  
Correct answer: D
Explanation:
DNS hijacking: Attacker modifies DNS queries/responses, redirects users to incorrect/malicious websites, steals sensitive information. 
DNS hijacking: Attacker modifies DNS queries/responses, redirects users to incorrect/malicious websites, steals sensitive information. 
Question 5
Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID links the target employee to Boney's account page without disclosing any information to the victim. When the target employee clicks on the link, all the sensitive payment details entered in a form are linked to Boney's account. What is the attack performed by Boney in the above scenario? 
 
  1. Forbidden attack 
  2. CRIME attack 
  3. Session donation attack 
  4. Session fixation attack  
Correct answer: C
Explanation:
In a session donation attack, the attacker donates their own session ID to the target user. In this attack, the attacker first obtains a valid session ID by logging into a service and later feeds the same session ID to the target user. This session ID links a target user to the attacker’s account page without disclosing any information to the victim. When the target user clicks on the link and enters the details (username, password, payment details, etc.) in a form, the entered details are linked to the attacker’s account. To initiate this attack, the attacker can send their session ID using techniques such as cross-site cooking, an MITM attack, and session fixation. A session donation attack involves the following steps. 
In a session donation attack, the attacker donates their own session ID to the target user. In this attack, the attacker first obtains a valid session ID by logging into a service and later feeds the same session ID to the target user. This session ID links a target user to the attacker’s account page without disclosing any information to the victim. When the target user clicks on the link and enters the details (username, password, payment details, etc.) in a form, the entered details are linked to the attacker’s account. To initiate this attack, the attacker can send their session ID using techniques such as cross-site cooking, an MITM attack, and session fixation. A session donation attack involves the following steps. 
Question 6
Kevin, a professional hacker, wants to penetrate CyberTech Inc's network. He employed a technique, using which he encoded packets with Unicode characters. The company's IDS cannot recognize the packets, but the target web server can decode them. 
What is the technique used by Kevin to evade the IDS system? 
 
  1. Session splicing 
  2. Urgency flag 
  3. Obfuscating 
  4. Desynchronization                                                                                 
Correct answer: C
Explanation:
Obfuscating is an IDS evasion technique used by attackers to encode the attack packet payload in such a way that the destination host can only decode the packet but not the IDS. Using Unicode characters, an attacker can encode attack packets that the IDS would not recognize but which an IIS web server can decode.   
Obfuscating is an IDS evasion technique used by attackers to encode the attack packet payload in such a way that the destination host can only decode the packet but not the IDS. Using Unicode characters, an attacker can encode attack packets that the IDS would not recognize but which an IIS web server can decode. 
 
 
Question 7
Suppose that you test an application for the SQL injection vulnerability. You know that the backend database is based on Microsoft SQL Server. In the login/password form, you enter the following credentials: 
Based on the above credentials, which of the following SQL commands are you expecting to be executed by the server, if there is indeed an SQL injection vulnerability? 
  1. select * from Users where UserName = 'attack' ' or 1=1 -- and UserPassword = '123456' 
  2. select * from Users where UserName = 'attack' or 1=1 -- and UserPassword = '123456' 
  3. select * from Users where UserName = 'attack or 1=1 -- and UserPassword = '123456' 
  4. select * from Users where UserName = 'attack' or 1=1 --' and UserPassword = '123456'  
Correct answer: D
Explanation:
SELECT Count(*) FROM Users WHERE UserName='Blah' or 1=1 --' AND Password='Springfield' SQL Query Executed : SELECT Count(*) FROM Users WHERE UserName='Blah' or 1=1 Code after -- are now comments : --' AND Password='Springfield' 
SELECT Count(*) FROM Users WHERE UserName='Blah' or 1=1 --' AND Password='Springfield' 
SQL Query Executed : SELECT Count(*) FROM Users WHERE UserName='Blah' or 1=1 
Code after -- are now comments : --' AND Password='Springfield' 
Question 8
Which of the following commands checks for valid users on an SMTP server? 
 
  1. RCPT 
  2. CHK 
  3. VRFY 
  4. EXPN  
Correct answer: C
Explanation:
The VRFY commands enables SMTP clients to send an invitation to an SMTP server to verify that mail for a selected user name resides on the server. The VRFY command is defined in RFC 821.The server sends a response indicating whether the user is local or not, whether mail are going to be forwarded, and so on. A response of 250 indicates that the user name is local; a response of 251 indicates that the user name isn't local, but the server can forward the message. The server response includes the mailbox name. 
The VRFY commands enables SMTP clients to send an invitation to an SMTP server to verify that mail for a selected user name resides on the server. The VRFY command is defined in RFC 821.The server sends a response indicating whether the user is local or not, whether mail are going to be forwarded, and so on. A response of 250 indicates that the user name is local; a response of 251 indicates that the user name isn't local, but the server can forward the message. 
The server response includes the mailbox name. 
Question 9
Bella, a security professional working at an IT firm, finds that a security breach has occurred while transferring important files. Sensitive data, employee usernames, and passwords are shared in plaintext, paving the way for hackers to perform successful session hijacking. To address this situation, Bella implemented a protocol that sends data using encryption and digital certificates.                                                                          
Which of the following protocols is used by Bella? 
 
  1. FTPS 
  2. FTP 
  3. HTTPS 
  4. IP  
Correct answer: A
Explanation:
FTPS includes full support for the TLS and SSL cryptographic protocols, including the use of server-side public key authentication certificates and client-side authorization certificates. It also supports compatible ciphers, including AES, RC4, RC2, Triple DES, and DES. It further supports hash functions SHA, MD5, MD4, and MD2. 
FTPS includes full support for the TLS and SSL cryptographic protocols, including the use of server-side public key authentication certificates and client-side authorization certificates. It also supports compatible ciphers, including AES, RC4, RC2, Triple DES, and DES. It further supports hash functions SHA, MD5, MD4, and MD2. 
Question 10
In the Common Vulnerability Scoring System (CVSS) v3.1 severity ratings, what range does medium vulnerability fall in? 
 
  1. 4.0-6.0 
  2. 3.9-6.9 
  3. 3.0-6.9 
  4. 4.0-6.9  
Correct answer: D
Explanation:
CVSS v3.0 Ratings Low 0.1-3.9 Medium 4.0-6.9 High 7.0-8.9 Critical 9.0-10.0 https://nvd.nist.gov/vuln-metrics/cvss 
CVSS v3.0 Ratings 
Low 0.1-3.9 
Medium 4.0-6.9 
High 7.0-8.9 
Critical 9.0-10.0 
https://nvd.nist.gov/vuln-metrics/cvss 
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!