Bob, an attacker, has managed to access a target IoT device. He employed an online tool to gather information related to the model of the IoT device and the certifications granted to it.Which of the following tools did Bob employ to gather the above information?
Answer(s): A
A) FCC ID search explains device model and certifications by querying the FCC database using the device’s FCC ID, exposing approval information and test data. B) Google image search would not reliably reveal formal certifications or exact model details from regulatory records. C) search.com is a generic search engine with no specific regulatory data source. D) EarthExplorer is a geospatial data portal not related to IoT device certifications or model identification.
What piece of hardware on a computer's motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible?
Answer(s): D
The TPM securely generates and stores cryptographic keys and can release only portions of a key or perform operations without exposing the full secret, enabling hardware-anchored disk decryption checks and attestation. A) CPU – performs computations but does not provide hardware-bound key isolation or controlled partial release. B) UEFI – firmware interface, not a secure element for key isolation. C) GPU – handles graphics processing, not designed for secure key storage or partial key release. D) TPM – dedicated secure enclave on the motherboard that provisions and protects keys with hardware-based security and controlled release.
Gilbert, a web developer, uses a centralized web API to reduce complexity and increase the integrity of updating and changing data. For this purpose, he uses a web service that uses HTTP methods such as PUT, POST, GET, and DELETE and can improve the overall performance, visibility, scalability, reliability, and portability of an application.What is the type of web-service API mentioned in the above scenario?
A) RESTful API is right because it uses HTTP methods (PUT, POST, GET, DELETE) to perform CRUD operations on resources in a stateless, cacheable manner, promoting performance, scalability, and portability as described.B) JSON-RPC is incorrect because it uses a remote procedure call protocol over HTTP/HTTPS with a single endpoint and typically JSON payloads, not the standard RESTful resource-oriented model.C) SOAP API is incorrect because SOAP relies on XML envelopes and a more rigid protocol with its own standards, not the simple REST-style HTTP methods and resource manipulation described.D) REST API is incorrect because while similar, RESTful API emphasizes the architectural style with resource-based URIs and standard HTTP methods; the scenario matches RESTful API terminology.
To create a botnet, the attacker can use several techniques to scan vulnerable machines. The attacker first collects information about a large number of vulnerable machines to create a list. Subsequently, they infect the machines. The list is divided by assigning half of the list to the newly compromised machines. The scanning process runs simultaneously. This technique ensures the spreading and installation of malicious code in little time.Which technique is discussed here?
Answer(s): C
A short summary: Hit-list scanning technique is used to propagate rapidly by distributing a precompiled list of targets and having new infections continue scanning in parallel.A) Subnet scanning technique - Incorrect: focuses on scanning within a single subnet or classful network segments, not on distributing a precompiled target list or parallel propagation.B) Permutation scanning technique - Incorrect: implies a reordering or permutation of scanning targets, not the creation of a shared hit list for rapid spread.C) Hit-list scanning technique - Correct: describes compiling a list of vulnerable hosts and using compromised nodes to continue scanning, enabling fast, parallel propagation.D) Topological scanning technique - Incorrect: relates to network topology awareness in scanning, not the specific hit-list-based, parallel spreading approach.
Nicolas just found a vulnerability on a public-facing system that is considered a zero-day vulnerability. He sent an email to the owner of the public system describing the problem and how the owner can protect themselves from that vulnerability. He also sent an email to Microsoft informing them of the problem that their systems are exposed to.What type of hacker is Nicolas?
Answer(s): B
A) White hat notes: He identifies vulnerability and discloses it responsibly to the owner and vendor to enable remediation, aligning with ethical disclosure practices.B) White hatC) Gray hat would involve ambiguous or unauthorized discovery without clear authorization or may not fully disclose to vendor; not the case here.D) Red hat is an informal term not used in standard classification; misleads, not applicable.
Sophia is a shopping enthusiast who spends significant time searching for trendy outfits online. Clark, an attacker, noticed her activities several times and sent a fake email containing a deceptive page link to her social media page displaying all-new and trendy outfits. In excitement, Sophia clicked on the malicious link and logged in to that page using her valid credentials.Which of the following tools is employed by Clark to create the spoofed email?
Sophia’s credentials were entered on a spoofed page after receiving a deceptive email, which is characteristic of credential harvesting using a phishing or phishing-as-a-service setup. Evilginx is a man-in-the-middle phishing framework that creates fake login pages to harvest session tokens and credentials, matching this scenario.A) EvilginxB) SlowlorisC) PLCinjectD) PyLorisB) Slowloris is a DoS tool, not for phishing or credential harvesting.C) PLCinject targets PLCs in industrial control systems, not web phishing.D) PyLoris is a slow HTTP denial-of-service tool, not credential phishing.
John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker installed a scanner on a machine belonging to one of the victims and scanned several machines on the same network to identify vulnerabilities to perform further exploitation.What is the type of vulnerability assessment tool employed by John in the above scenario?
John used an agent-based scanner because the attacker installed a scanner on a victim’s machine (an agent) to remotely assess multiple systems in the network. This approach leverages a host-installed agent to gather exposure data and propagate assessment across the network.A) Agent-based scanner — correct: deployed on a host to perform ongoing assessment and report back, fitting the scenario of a compromised machine extending reach.B) Network-based scanner — incorrect: typically runs from an external or centralized vantage point, not installed on a victim host.C) Cluster scanner — incorrect: implies distributed scanning across multiple nodes as a coordinated cluster, not described here.D) Proxy scanner — incorrect: uses proxying to assess through intermediaries, not installed on endpoints.
Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes in these websites and injected a malicious script that can redirect users from the web page and download malware onto a victim's machine. Joel waits for the victim to access the infected web application so as to compromise the victim's machine.Which of the following techniques is used by Joel in the above scenario?
A) Watering hole attack is correct because it targets a site frequently visited by the victim’s group, injects malicious code on that site, and waits for users to visit to compromise their machines.B) DNS rebinding attack involves bypassing same-origin policy by exploiting DNS to make private network requests, not targeting specific sites employees visit.C) MarioNet attack is not a standard term in this context; it does not describe compromising through visiting trusted sites to deliver malware.D) Clickjacking involves overlaying invisible UI elements to trick users into actions, not injecting malware via compromised sites the employees visit.
Share your comments for EC-Council 312-50v13 exam with other users:
a good source for exam preparation
nice questions
i need ielts general training audio guide questions
please make this content available
content is good
latest dumps please
aside from pdf the test engine software is helpful. the interface is user-friendly and intuitive, making it easy to navigate and find the questions.
questions and options are correct, but the answers are wrong sometimes. so please check twice or refer some other platform for the right answer
90% of questions was there but i failed the exam, i marked the answers as per the guide but looks like they are not accurate , if not i would have passed the exam given that i saw about 45 of 50 questions from dump
answer to this question "what administrative safeguards should be implemented to protect the collected data while in use by manasa and her product management team? " it should be (c) for the following reasons: this administrative safeguard involves controlling access to collected data by ensuring that only individuals who need the data for their job responsibilities have access to it. this helps minimize the risk of unauthorized access and potential misuse of sensitive information. while other options such as (a) documenting data flows and (b) conducting a privacy impact assessment (pia) are important steps in data protection, implementing a "need to know" access policy directly addresses the issue of protecting data while in use by limiting access to those who require it for legitimate purposes. (d) is not directly related to safeguarding data during use; it focuses on data transfers and location.
password lockout being the correct answer for question 37 does not make sense. it should be geofencing.
for question 4, the righr answer is :recover automatically from failures
question number 4s answer is 3, option c. i
very good questions
i am confused about the answers to the questions. are the answers correct?
very usefull
need certification.
great exam prep
i require dump
good morning, could you please upload this exam again,
hi can you please upload the dumps for sap contingent module. thanks
good questions
looking forward to the real exam
good ones for exam preparation
this is a good experience
hi everyone
waiting for the dump. please upload.
upload cks exam questions
awesome training material
where is dump
q. 289 - the correct answer should be b not d, since the question asks for the most secure way to provide access to a s3 bucket (a single one), and by principle of the least privilege you should not be giving access to all buckets.
please i need if possible h12-831,
good collection of questions and solution for pl500 certification
i would like to appear the exam.