312-50v12
Question 51
You are a cybersecurity consultant for a major airport that offers free Wi-Fi to travelers. The management is concerned about the possibility of "Evil Twin" attacks, where a malicious actor sets up a rogue access point that mimics the legitimate one. They are looking for a solution that would not significantly impact the user experience or require travelers to install additional software. What is the most effective security measure you could recommend that fits these constraints, considering the airport's unique operational environment?
- A: Regularly change the SSID of the airport's Wi-Fi network
- B: Use MAC address filtering on the airport's Wi-Fi network
- C: Implement WPA3 encryption for the airport's Wi-Fi network
- D: Display a captive portal page that warns users about the possibility of Evil Twin attacks
Question 52
As a Certified Ethical Hacker, you are conducting a footprinting and reconnaissance operation against a target organization. You discover a range of IP addresses associated with the target using the SecurityTrails tool. Now, you need to perform a reverse DNS lookup on these IP addresses to find the associated domain names, as well as determine the nameservers and mail exchange (MX) records. Which of the following DNSRecon commands would be most effective for this purpose?
- A: dnsrecon -r 192.168.1.0/24 -n nsl.example.com -t axfr
- B: dnsrecon -r 10.0.0.0/24 -n nsl.example.com -t zonewalk
- C: dnsrecon -r 162.241.216.0/24 -n nsl.example.com -t std
- D: dnsrecon -r 162.241.216.0/24 -d example.com -t brt
Question 53
You are an ethical hacker tasked with conducting an enumeration of a company's network. Given a Windows system with NetBIOS enabled, port 139 open, and file and printer sharing active, you are about to run some nbtstat commands to enumerate NetBIOS names. The company uses IPv6 for its network. Which of the following actions should you take next?
- A: Switch to an enumeration tool that supports IPv6
- B: Use nbtstat -a followed by the IPv6 address of the target machine
- C: Use nbtstat -c to get the contents of the NetBIOS name cache
- D: Utilize Nmap Scripting Engine (NSE) for NetBIOS enumeration
Question 54
During a red team assessment, a CEH is given a task to perform network scanning on the target network without revealing their IP address. They are also required to find an open port and the services available on the target machine. What scanning technique should they employ, and which command in Zenmap should they use?
- A: Use SCTP INIT Scan with the command "-sY"
- B: Use UDP Raw ICMP Port Unreachable Scanning with the command "-sU"
- C: Use the ACK flag probe scanning technique with the command "-sA"
- D: Use the IDLE/IPID header scan technique with the command "-sI"
Question 55
A large corporation is planning to implement preventive measures to counter a broad range of social engineering techniques. The organization has implemented a signature-based intrusion detection system (IDS) to detect known attack payloads and network flow analysis to monitor data entering and leaving the network. The organization is deliberating on the next step. Considering the information provided about various social engineering techniques, what should be the organization's next course of action?
- A: Implement endpoint detection and response solution to oversee endpoint activities
- B: Set up a honeypot to attract potential attackers into a controlled environment for analysis
- C: Deploy more security personnel to physically monitor key points of access
- D: Organize regular employee awareness training regarding social engineering techniques and preventive measures
Question 56
An audacious attacker is targeting a web server you oversee. He intends to perform a Slow HTTP POST attack by manipulating 'a' HTTP connections. Each connection sends a byte of data every 'b' seconds, effectively holding up the connections for an extended period. Your server is designed to manage 'm' connections per second, but any connections exceeding this number tend to overwhelm the system. Given 'a=100' and variable 'm', along with the attacker's intention of maximizing the attack duration 'D=a*b', consider the following scenarios. Which is most likely to result in the longest duration of server unavailability?
- A: m=90, b=15: The server can manage 90 connections per second, but the attacker's 100 connections exceed this, and with each connection held up for 15 seconds, the attack duration could be significant.
- B: m=105, b=12: The server can manage 105 connections per second, more than the attacker's 100 connections, likely maintaining operation despite a moderate hold-up time.
- C: m=110, b=20: Despite the attacker sending 100 connections, the server can handle 110 connections per second, therefore likely staying operative, regardless of the hold-up time per connection.
- D: m=95, b=10: Here, the server can handle 95 connections per second, but it falls short against the attacker's 100 connections, albeit the hold-up time per connection is lower.
Question 57
Taylor, a security professional, uses a tool to monitor her company’s website, analyze the website’s traffic, and track the geographical location of the users visiting the company’s website.
Which of the following tools did Taylor employ in the above scenario?
- A: Webroot
- B: Web-Stat
- C: WebSite-Watcher
- D: WAFW00F
Question 58
A large organization has recently performed a vulnerability assessment using Nessus Professional, and the security team is now preparing the final report. They have identified a high-risk vulnerability, named XYZ, which could potentially allow unauthorized access to the network. In preparing the report, which of the following elements would NOT be typically included in the detailed documentation for this specific vulnerability?
- A: Proof of concept (PoC) of the vulnerability, if possible, to demonstrate its potential impact on the system.
- B: The total number of high, medium, and low-risk vulnerabilities detected throughout the network.
- C: The list of all affected systems within the organization that are susceptible to the identified vulnerability.
- D: The CVE ID of the vulnerability and its mapping to the vulnerability's name, XYZ.
Question 59
Recently, the employees of a company have been receiving emails that seem to be from their colleagues, but with suspicious attachments. When opened, these attachments appear to install malware on their systems. The IT department suspects that this is a targeted malware attack. Which of the following measures would be the most effective in preventing such attacks?
- A: Disabling Autorun functionality on all drives
- B: Avoiding the use of outdated web browsers and email software
- C: Regularly scan systems for any new files and examine them
- D: Applying the latest patches and updating software programs
Question 60
A network security analyst, while conducting penetration testing, is aiming to identify a service account password using the Kerberos authentication protocol. They have a valid user authentication ticket (TGT) and decided to carry out a Kerberoasting attack. In the scenario described, which of the following steps should the analyst take next?
- A: Carry out a passive wire sniffing operation using Internet packet sniffers
- B: Perform a PRobability INfinite Chained Elements (PRINCE) attack
- C: Extract plaintext passwords, hashes, PIN codes, and Kerberos tickets using a tool like Mimikatz
- D: Request a service ticket for the service principal name of the target service account
Question 61
As a cybersecurity analyst at IoT Defend, you are working with a large utility company that uses Industrial Control Systems (ICS) in its operational technology (OT) environment. The company has recently integrated IoT devices into this environment to enable remote monitoring and control. They want to ensure these devices do not become a weak link in their security posture. To identify potential vulnerabilities in the IoT devices, which of the following actions should you recommend as the first step?
- A: Use stronger encryption algorithms for data transmission between IoT devices.
- B: Implement network segmentation to isolate IoT devices from the rest of the network.
- C: Conduct a vulnerability assessment specifically for the IoT devices.
- D: Install the latest antivirus software on each IoT device.
Question 62
A penetration tester is performing an enumeration on a client's network. The tester has acquired permission to perform enumeration activities. They have identified a remote inter-process communication (IPC) share and are trying to collect more information about it. The tester decides to use a common enumeration technique to collect the desired data. Which of the following techniques would be most appropriate for this scenario?
- A: Probe the IPC share by attempting to brute force admin credentials
- B: Brute force Active Directory
- C: Extract usernames using email IDs
- D: Conduct a DNS zone transfer
Question 63
As a cybersecurity analyst at TechSafe Inc., you are working on a project to improve the security of a smart home system. This IoT-enabled system controls various aspects of the home, from heating and lighting to security cameras and door locks. Your client wants to ensure that even if one device is compromised, the rest of the system remains secure. Which of the following strategies would be most effective for this purpose?
- A: Recommend using a strong password for the smart home system's main control panel.
- B: Suggest implementing two-factor authentication for the smart home system's mobile app.
- C: Propose frequent system resets to clear any potential malware.
- D: Advise using a dedicated network for the smart home system, separate from the home's main Wi-Fi network.
Question 64
During your summer internship at a tech company, you have been asked to review the security settings of their web server. While inspecting, you notice the server reveals detailed error messages to users, including database query errors and internal server errors. As a cybersecurity beginner, what is your understanding of this setting, and how would you advise the company?
- A: Retain the setting as it aids in troubleshooting user issues.
- B: Suppress detailed error messages, as they can expose sensitive information.
- C: Implement stronger encryption to secure the error messages.
- D: Increase the frequency of automated server backups.