Free ECCouncil 312-50v13 Exam Dumps Questions & Answers

At a federal research agency, cybersecurity officer Nikhil is drafting a vulnerability assessment report. In this section, he documents the scanning methodology used, the information about the targets, the type and scope of scans performed, and the tools involved. He does not yet include specific vulnerabilities or affected assets, as this portion of the report is meant to provide context for how the assessment was conducted.
Which section of the vulnerability assessment report is Nikhil working on?

• A.  Assessment Overview
• B.  Findings
• C.  Risk Assessment
• D.  Supporting Information

During testing against a network protected by a signature-based IDS, the tester notices that standard scans are blocked. To evade detection, the tester sends TCP headers split into multiple small IP fragments so the IDS cannot reassemble or interpret them, but the destination host can. What technique is being used?

• A.  SYN scan with spoofed MAC address
• B.  Packet fragmentation to bypass filtering logic
• C.  Packet crafting with randomized window size
• D.  IP decoying with randomized address positions

In a tense red team exercise at a mid-sized university in Austin, Texas, an ethical hacker named Jake targeted a legacy Linux server in the engineering department. Late one afternoon, he discovered TCP port 2049 was open during his first sweep, suggesting hidden file-sharing capabilities. Intrigued, Jake used a standard utility to request a list of remote file systems shared across the network, aiming to map accessible resources.
Meanwhile, he idly checked for Telnet access and probed a time-sync service out of routine, but both proved fruitless on this host.
Which enumeration method is actively demonstrated in this scenario?

• A.  NFS Enumeration
• B.  NTP Enumeration
• C.  NetBIOS Enumeration
• D.  SNMP Enumeration

At Bayview University in San Francisco, California, ethical hacker Sofia Patel is evaluating security controls on Android 11 tablets used by staff. To simulate an attack, she installs KingoRoot.apk directly on one of the devices. The application leverages system vulnerabilities to elevate privileges without requiring a computer connection. Based on the module, which feature of this rooting approach makes the attack effective?

• A.  It exploits Bluetooth pairing flaws to gain device-level privileges
• B.  It uses a tethered jailbreak to restart the device with patched kernel functions
• C.  It relies on weak SSL validation to bypass application controls
• D.  It is an APK that can run directly on the device without a PC

Lily, a network security analyst at a regional healthcare provider, is preparing defenses ahead of a scheduled external vulnerability assessment. During internal simulation drills, she observes that scanners are successfully identifying open ports and service banners across critical systems. Tasked with reducing exposure to such reconnaissance efforts, Lily is instructed to apply measures that specifically hinder port scanning activity without disrupting legitimate traffic.
Which of the following actions should Lily implement?

• A.  Configure firewall and IDS rules to detect and block probes
• B.  Use a custom rule set to lock down the network, block unwanted ports at the firewall, and filter specific ports
• C.  Block inbound ICMP message types and all outbound ICMP type 3 unreachable messages
• D.  Block unwanted services running on the ports and update the service versions