Exam 312-50v12: EC-Council Certified Ethical Hacker v12

Some questions:
Q
A network security analyst, while conducting penetration testing, is aiming to identify a service account password using the Kerberos authentication protocol. They have a valid user authentication ticket (TGT) and decided to carry out a Kerberoasting attack. In the scenario described, which of the following steps should the analyst take next?
A. Carry out a passive wire sniffing operation using Internet packet sniffers
B. Extract plaintext passwords, hashes, PIN codes, and Kerberos tickets using a tool like Mimikatz
C. Perform a PRobability INfinite Chained Elements (PRINCE) attack
D. Request a service ticket for the service principal name of the target service account

Q
During a red team engagement, an ethical hacker is tasked with testing the security measures of an organization’s wireless network. The hacker needs to select an appropriate tool to carry out a session hijacking attack. Which of the following tools should the hacker use to effectively perform session hijacking and subsequent security analysis, given that the target wireless network has the Wi-Fi Protected Access-preshared key (WPA-PSK) security protocol in place?
A. FaceNiff
B. Hetty
C. Droidsheep
D. bettercap

Q
A cybersecurity analyst in an organization is using the Common Vulnerability Scoring System to assess and prioritize identified vulnerabilities in their IT infrastructure. They encountered a vulnerability with a base metric score of 7, a temporal metric score of 8, and an environmental metric score of 5. Which statement best describes this scenario?
A. The vulnerability has a medium severity with a high likelihood of exploitability over time and a considerable impact in their specific environment
B. The vulnerability has a medium severity with a diminishing likelihood of exploitability over time, but a significant impact in their specific environment
C. The vulnerability has an overall high severity with a diminishing likelihood of exploitability over time, but it is less impactful in their specific environment
D. The vulnerability has an overall high severity, the likelihood of exploitability is increasing over time, and it has a medium impact in their specific environment

Q
As a cybersecurity analyst for SecureNet, you are performing a security assessment of a new mobile payment application. One of your primary concerns is the secure storage of customer data on the device. The application stores sensitive information such as credit card details and personal identification numbers (PINs) on the device. Which of the following measures would best ensure the security of this data?
A. Implement biometric authentication for app access.
B. Encrypt all sensitive data stored on the device.
C. Enable GPS tracking for all devices using the app.
D. Regularly update the app to the latest version.

Q
You have been hired as an intern at a start-up company. Your first task is to help set up a basic web server for the company’s new website. The team leader has asked you to make sure the server is secure from common – threats. Based on your knowledge from studying for the CEH exam, which of the following actions should be your priority to secure the web server?
A. Installing a web application firewall
B. limiting the number of concurrent connections to the server
C. Encrypting the company’s website with SSL/TLS
D. Regularly updating and patching the server software

Q
In your cybersecurity class, you are learning about common security risks associated with web servers. One topic that comes up is the risk posed by using default server settings. Why is using default settings ona web – server considered a security risk, and what would be the best initial step to mitigate this risk?
A. Default settings cause server malfunctions; simplify the settings
B. Default settings allow unlimited login attempts; setup account lockout
C. Default settings reveal server software type; change these settings
D. Default settings enable auto-updates; disable and manually patch

………………