EC-Council 312-50v13 Certified Ethical Hacker Exam (CEHv13) Online Training
EC-Council 312-50v13 Online Training
The questions for 312-50v13 were last updated at Feb 21,2025.
- Exam Code: 312-50v13
- Exam Name: Certified Ethical Hacker Exam (CEHv13)
- Certification Provider: EC-Council
- Latest update: Feb 21,2025
Which of the following is a command line packet analyzer similar to GUI-based Wireshark?
- A . nessus
- B . tcpdump
- C . ethereal
- D . jack the ripper
DHCP snooping is a great solution to prevent rogue DHCP servers on your network.
Which security feature on switchers leverages the DHCP snooping database to help prevent man-in-the-middle attacks?
- A . Spanning tree
- B . Dynamic ARP Inspection (DAI)
- C . Port security
- D . Layer 2 Attack Prevention Protocol (LAPP)
Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network.
What should Bob do to avoid this problem?
- A . Disable unused ports in the switches
- B . Separate students in a different VLAN
- C . Use the 802.1x protocol
- D . Ask students to use the wireless network
A company’s policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department.
Using Wireshark to examine the captured traffic, which command can be used as display filter to find unencrypted file transfers?
- A . tcp.port = = 21
- B . tcp.port = 23
- C . tcp.port = = 21 | | tcp.port = =22
- D . tcp.port ! = 21
You just set up a security system in your network.
In what kind of system would you find the following string of characters used as a rule within its configuration? alert tcp any any -> 192.168.100.0/24 21 (msg: ““FTP on the network!””;)
- A . A firewall IPTable
- B . FTP Server rule
- C . A Router IPTable
- D . An Intrusion Detection System
Which of the following program infects the system boot sector and the executable files at the same time?
- A . Polymorphic virus
- B . Stealth virus
- C . Multipartite Virus
- D . Macro virus
To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program.
What term is commonly used when referring to this type of testing?
- A . Randomizing
- B . Bounding
- C . Mutating
- D . Fuzzing
An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network’s external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file.
What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?
- A . Protocol analyzer
- B . Network sniffer
- C . Intrusion Prevention System (IPS)
- D . Vulnerability scanner
The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the Transport Layer Security (TLS) protocols defined in RFC6520.
What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?
- A . Public
- B . Private
- C . Shared
- D . Root
Why should the security analyst disable/remove unnecessary ISAPI filters?
- A . To defend against social engineering attacks
- B . To defend against webserver attacks
- C . To defend against jailbreaking
- D . To defend against wireless attacks
Latest 312-50v13 Dumps Valid Version with 572 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
