Certified Ethical Hacker Exam (CEHv13)
ECCouncil 312-50v13
Version: Demo [Total Questions: 10]
Web: www.dumpscafe.com
Email: support@dumpscafe.com

ECCouncil - 312-50v13 Pass Exam 1 of 7 Verified Solution - 100% Result

Exam Topic Breakdown

Exam Topic                 Number of Questions
Topic 2 : Exam Pool B      4
Topic 1 : Exam Pool A      4
Topic 3 : Exam Pool C      2
TOTAL                      10

Topic 2, Exam Pool B

Question #:1 - (Exam Topic 2)

To invisibly maintain access to a machine, an attacker utilizes a toolkit that sits undetected in the core components of the operating system. What is this type of rootkit an example of?

A. Hypervisor rootkit
B. Kernel toolkit
C. Hardware rootkit
D. Firmware rootkit

Answer: B

Explanation

Kernel-mode rootkits run with the highest operating system privileges (Ring 0) by adding code or replacing portions of the core operating system, including both the kernel and associated device drivers. Most operating systems support kernel-mode device drivers, which execute with the same privileges as the operating system itself. As such, many kernel-mode rootkits are developed as device drivers or loadable modules, such as loadable kernel modules in Linux or device drivers in Microsoft Windows.
This category of rootkit has unrestricted security access, but is more difficult to write. The complexity makes bugs common, and any bugs in code operating at the kernel level may seriously impact system stability, leading to discovery of the rootkit. One of the first widely known kernel rootkits was developed for Windows NT 4.0 and released in Phrack magazine in 1999 by Greg Hoglund. Kernel rootkits can be especially difficult to detect and remove because they operate at the same security level as the operating system itself, and are therefore able to intercept or subvert the most trusted operating system operations. Any software, such as antivirus software, running on the compromised system is equally vulnerable. In this situation, no part of the system can be trusted.

Question #:2 - (Exam Topic 2)

What would be the fastest way to perform content enumeration on a given web server by using the Gobuster tool?

A. Performing content enumeration using the bruteforce mode and 10 threads
B. Skipping SSL certificate verification
C. Performing content enumeration using a wordlist
D. Performing content enumeration using the bruteforce mode and random file extensions

Answer: C

Explanation

Analyze Web Applications: Identify Files and Directories - enumerate applications, as well as hidden directories and files of the web application hosted on the web server. Tools such as Gobuster are directory scanners that allow attackers to perform fast-paced enumeration of hidden files and directories of a target web application.

gobuster -u <target URL> -w common.txt (wordlist)

(P.1849/1833)

Question #:3 - (Exam Topic 2)

Why are containers less secure than virtual machines?

A. Host OS on containers has a larger attack surface.
B. Containers may fill the disk space of the host.
C. A compromised container may cause CPU starvation of the host.
D. Containers are attached to the same virtual network.
Answer: A

Question #:4 - (Exam Topic 2)

You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command would you use?

A. wireshark --fetch "192.168.8*"
B. wireshark --capture --local masked 192.168.8.0 ---range 24
C. tshark -net 192.255.255.255 mask 192.168.8.0
D. sudo tshark -f "net 192.168.8.0/24"

Answer: D

Topic 1, Exam Pool A

Question #:5 - (Exam Topic 1)

Study the snort rule given below:

From the options below, choose the exploit against which this rule applies.

A. WebDav
B. SQL Slammer
C. MS Blaster
D. MyDoom

Answer: C

Question #:6 - (Exam Topic 1)

Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

A. ESP transport mode
B. ESP confidential
C. AH promiscuous
D. AH Tunnel mode

Answer: A

Question #:7 - (Exam Topic 1)

An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", the user is directed to a phishing site. Which file does the attacker need to modify?

A. Boot.ini
B. Sudoers
C. Networks
D. Hosts

Answer: D

Question #:8 - (Exam Topic 1)

Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain. What do you think Tess King is trying to accomplish? Select the best answer.

A. A zone harvesting
B. A zone transfer
C. A zone update
D. A zone estimate

Answer: B
Topic 3, Exam Pool C

Question #:9 - (Exam Topic 3)

Jude, a pen tester, examined a network from a hacker's perspective to identify exploits and vulnerabilities accessible to the outside world by using devices such as firewalls, routers, and servers. In this process, he also estimated the threat of network security attacks and determined the level of security of the corporate network. What is the type of vulnerability assessment that Jude performed on the organization?

A. External assessment
B. Passive assessment
C. Host-based assessment
D. Application assessment

Answer: A

Explanation

Types of Vulnerability Assessment - External Assessment

External assessment examines the network from a hacker's point of view to identify exploits and vulnerabilities accessible to the outside world. These types of assessments use external devices such as firewalls, routers, and servers. An external assessment estimates the threat of network security attacks from outside the organization. It determines the level of security of the external network and firewall. (P.527/511)
The following are some of the possible steps in performing an external assessment:

o Determine a set of rules for firewall and router configurations for the external network
o Check whether the external server devices and network devices are mapped
o Identify open ports and related services on the external network
o Examine the patch levels on the server and external network devices
o Review detection systems such as IDS, firewalls, and application-layer protection systems
o Get information on DNS zones
o Scan the external network through a variety of proprietary tools available on the Internet
o Examine Web applications such as e-commerce and shopping cart software for vulnerabilities

Question #:10 - (Exam Topic 3)

Miley, a professional hacker, decided to attack a target organization's network. To perform the attack, she used a tool to send fake ARP messages over the target network to link her MAC address with the target system's IP address. By performing this, Miley received messages directed to the victim's MAC address and further used the tool to intercept, steal, modify, and block sensitive communication to the target system. What is the tool employed by Miley to perform the above attack?

A. Gobbler
B. KDerpNSpoof
C. BetterCAP
D. Wireshark

Answer: C