312-50v12: Certified Ethical Hacker v12 Exam → Certified Ethical Hacker v12 Topic 2 - awslagi.com https://awslagi.

com/course/312-50v12/lessons/certified-ethical-hacker-v12-topic-2/

Question #: 81
Topic #: 1
You are a penetration tester tasked with testing the wireless network of your client Brakeme SA. You are
attempting to break into the wireless network with the SSID “Brakeme-Internal.” You realize that this network
uses WPA3 encryption.
Which of the following vulnerabilities is the promising to exploit?

A. Cross-site request forgery

B. Dragonblood
C. Key reinstallation attack
D. AP miscon�guration

Selected Answer: B

Question #: 79
Topic #: 1
George is a security professional working for iTech Solutions. He was tasked with securely transferring
sensitive data of the organization between industrial systems. In this process, he used a short-range
communication protocol based on the IEEE 203.15.4 standard. This protocol is used in devices that transfer
data infrequently at a low rate in a restricted area, within a range of 10-100 m.
What is the short-range wireless communication technology George employed in the above scenario?

A. LPWAN
B. MQTT
C. NB-IoT
D. Zigbee

Selected Answer: D

Question #: 77
Topic #: 1
Ethical hacker Jane Smith is attempting to perform an SQL injection attack. She wants to test the response
time of a true or false response and wants to use a second command to determine whether the database will
return true or false results for user IDs.
Which two SQL injection types would give her the results she is looking for?

A. Out of band and boolean-based

B. Union-based and error-based
C. Time-based and union-based
D. Time-based and boolean-based

Selected Answer: D

Question #: 76
Topic #: 1
Judy created a forum. One day, she discovers that a user is posting strange images without writing
comments. She immediately calls a security expert, who discovers that the following code is hidden behind
those images:

What issue occurred for the users who clicked on the image?

A. This php �le silently executes the code and grabs the user’s session cookie and session ID.
B. The code redirects the user to another site.
C. The code injects a new cookie to the browser.
D. The code is a virus that is attempting to gather the user’s username and password.

Selected Answer: A

Question #: 62
Topic #: 1
Which of the following allows attackers to draw a map or outline the target organization’s network
infrastructure to know about the actual environment that they are going to hack?

A. Vulnerability analysis
B. Malware analysis
C. Scanning networks
D. Enumeration

Selected Answer: C

Question #: 57
Topic #: 1
This form of encryption algorithm is a symmetric key block cipher that is characterized by a 128-bit block size,
and its key size can be up to 256 bits. Which among the following is this encryption algorithm?

A. HMAC encryption algorithm

B. Two�sh encryption algorithm
C. IDEA
D. Blow�sh encryption algorithm

Selected Answer: B

Question #: 47
Topic #: 1
Larry, a security professional in an organization, has noticed some abnormalities in the user accounts on a
web server. To thwart evolving attacks, he decided to harden the security of the web server by adopting a few
countermeasures to secure the accounts on the web server.
Which of the following countermeasures must Larry implement to secure the user accounts on the web
server?

A. Retain all unused modules and application extensions.

B. Limit the administrator or root-level access to the minimum number of users.
C. Enable all non-interactive accounts that should exist but do not require interactive login.
D. Enable unused default user accounts created during the installation of an OS.

Selected Answer: B

Question #: 136

1 of 1 21-12-2024, 09:06 pm