Download Certified Ethical Hacker v12 Exam.312-50v12.PassLeader.2025-03-30.206q.vcex

Vendor: ECCouncil
Exam Code: 312-50v12
Exam Name: Certified Ethical Hacker v12 Exam
Date: Mar 30, 2025
File Size: 368 KB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker installed a scanner on a machine belonging to one of the victims and scanned several machines on the same network to identify vulnerabilities to perform further exploitation. What is the type of vulnerability assessment tool employed by John in the above scenario? 
 
  A. Agent-based scanner
  B. Network-based scanner
  C. Cluster scanner
  D. Proxy scanner
Correct answer: A
Explanation:
* Network-Based Scanner: Network-based scanners are those that interact only with the real machine where they reside and give the report to the same machine after scanning. 
* Agent-Based Scanner: Agent-based scanners reside on a single machine but can scan several machines on the same network. 
* Proxy Scanner: Proxy scanners are the network-based scanners that can scan networks from any machine on the network. 
* Cluster scanner: Cluster scanners are similar to proxy scanners, but they can simultaneously perform two or more scans on different machines in the network. 
Question 2
Security administrator John Smith has noticed abnormal amounts of traffic coming from local computers at night. Upon reviewing, he finds that user data have been exfiltrated by an attacker. AV tools are unable to find any malicious software, and the IDS/IPS has not reported on any non-whitelisted programs. 
What type of malware did the attacker use to bypass the company's application whitelisting? 
 
  A. File-less malware
  B. Zero-day malware
  C. Phishing malware
  D. Logic bomb malware
Correct answer: A
Explanation:
In this scenario, the attacker used file-less malware to bypass the company's application whitelisting. File-less malware resides entirely in memory, making it difficult for antivirus software and IDS/IPS to detect. It can run in the context of a trusted process or system application, and can be delivered through various attack vectors, including phishing emails, malicious websites, or network exploits. 
Question 3
Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID links the target employee to Boney's account page without disclosing any information to the victim. When the target employee clicks on the link, all the sensitive payment details entered in a form are linked to Boney's account. What is the attack performed by Boney in the above scenario? 
 
  A. Forbidden attack
  B. CRIME attack
  C. Session donation attack
  D. Session fixation attack
Correct answer: C
Explanation:
In a session donation attack, the attacker donates their own session ID to the target user. In this attack, the attacker first obtains a valid session ID by logging into a service and later feeds the same session ID to the target user. This session ID links a target user to the attacker’s account page without disclosing any information to the victim. When the target user clicks on the link and enters the details (username, password, payment details, etc.) in a form, the entered details are linked to the attacker’s account. To initiate this attack, the attacker can send their session ID using techniques such as cross-site cooking, an MITM attack, and session fixation. A session donation attack involves the following steps. 
Question 4
Kevin, a professional hacker, wants to penetrate CyberTech Inc's network. He employed a technique in which he encoded packets with Unicode characters. The company's IDS cannot recognize the packets, but the target web server can decode them.
What is the technique used by Kevin to evade the IDS system? 
 
  A. Session splicing
  B. Urgency flag
  C. Obfuscating
  D. Desynchronization
Correct answer: C
Explanation:
Obfuscating is an IDS evasion technique in which attackers encode the attack packet payload in such a way that only the destination host, and not the IDS, can decode the packet. Using Unicode characters, an attacker can encode attack packets that the IDS would not recognize but which an IIS web server can decode.
Question 5
Suppose that you test an application for the SQL injection vulnerability. You know that the backend database is based on Microsoft SQL Server. In the login/password form, you enter the following credentials: 
Based on the above credentials, which of the following SQL commands are you expecting to be executed by the server, if there is indeed an SQL injection vulnerability? 
  A. select * from Users where UserName = 'attack' ' or 1=1 -- and UserPassword = '123456'
  B. select * from Users where UserName = 'attack' or 1=1 -- and UserPassword = '123456'
  C. select * from Users where UserName = 'attack or 1=1 -- and UserPassword = '123456'
  D. select * from Users where UserName = 'attack' or 1=1 --' and UserPassword = '123456'
Correct answer: D
Explanation:
SELECT Count(*) FROM Users WHERE UserName='Blah' or 1=1 --' AND Password='Springfield'
SQL query executed: SELECT Count(*) FROM Users WHERE UserName='Blah' or 1=1
Code after -- is now a comment: --' AND Password='Springfield'
Question 6
Which of the following commands checks for valid users on an SMTP server? 
 
  A. RCPT
  B. CHK
  C. VRFY
  D. EXPN
Correct answer: C
Explanation:
The VRFY command enables SMTP clients to send a request to an SMTP server to verify that mail for a selected user name resides on the server. The VRFY command is defined in RFC 821. The server sends a response indicating whether the user is local or not, whether mail is going to be forwarded, and so on. A response of 250 indicates that the user name is local; a response of 251 indicates that the user name isn't local, but the server can forward the message.
The server response includes the mailbox name.
Question 7
Bella, a security professional working at an IT firm, finds that a security breach has occurred while transferring important files. Sensitive data, employee usernames, and passwords are shared in plaintext, paving the way for hackers to perform successful session hijacking. To address this situation, Bella implemented a protocol that sends data using encryption and digital certificates.                                                                          
Which of the following protocols is used by Bella? 
 
  A. FTPS
  B. FTP
  C. HTTPS
  D. IP
Correct answer: A
Explanation:
FTPS includes full support for the TLS and SSL cryptographic protocols, including the use of server-side public key authentication certificates and client-side authorization certificates. It also supports compatible ciphers, including AES, RC4, RC2, Triple DES, and DES. It further supports hash functions SHA, MD5, MD4, and MD2. 
Question 8
Bill is a network administrator. He wants to eliminate unencrypted traffic inside his company's network. He decides to set up a SPAN port and capture all traffic to the datacenter. He immediately discovers unencrypted traffic on UDP port 161.
What protocol is this port using and how can he secure that traffic? 
 
  A. RPC and the best practice is to disable RPC completely.
  B. SNMP and he should change it to SNMP V3.
  C. SNMP and he should change it to SNMP V2, which is encrypted.
  D. It is not necessary to perform any actions, as SNMP is not carrying important information.
Correct answer: B
Explanation:
SNMP (Simple Network Management Protocol) is a protocol used for managing and monitoring network devices, such as routers, switches, and servers. SNMP uses UDP port 161 for communication. However, SNMP V1 and V2 use clear text community strings for authentication, making them vulnerable to eavesdropping and other attacks. 
To secure SNMP traffic, Bill should change the SNMP version to SNMP V3, which provides enhanced security features, such as authentication, encryption, and message integrity. SNMP V3 requires a username and password for authentication, and it supports encryption of the data being transmitted. 
Question 9
Consider the following Nmap output: 
 
 
What command-line parameter could you use to determine the type and version number of the web server?  
  A. -sV
  B. -sS
  C. -Pn
  D. -V
Correct answer: A
Explanation:
https://nmap.org/book/man-briefoptions.html
-sV: Probe open ports to determine service/version info
Question 10
Bob was recently hired by a medical company after it experienced a major cyber security breach. Many patients are complaining that their personal medical records are fully exposed on the Internet and someone can find them with a simple Google search. Bob's boss is very worried because of regulations that protect those data. 
Which of the following regulations is mostly violated? 
 
  A. PCI DSS
  B. PII
  C. ISO 2002
  D. HIPAA/PHI
Correct answer: D
Explanation:
HIPAA/PHI: The Health Insurance Portability and Accountability Act (HIPAA) establishes rules and regulations to safeguard protected health information (PHI). It applies to healthcare providers, health plans, and other entities handling patient data to ensure its confidentiality, integrity, and availability. 