Summer Special Sale - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

Page: 1 / 16
Total 239 questions
Exam Code: 312-50v13                Update: Jul 14, 2026
Exam Name: Certified Ethical Hacker Exam (CEHv13)

ECCouncil Certified Ethical Hacker Exam (CEHv13) 312-50v13 Exam Dumps: Updated Questions & Answers (July 2026)

Question # 1

What is the correct order of the five phases of ethical hacking?

A.

Gaining Access → Maintaining Access → Covering Tracks → Reconnaissance → Scanning

B.

Maintaining Access → Covering Tracks → Reconnaissance → Scanning → Gaining Access

C.

Reconnaissance → Scanning → Gaining Access → Maintaining Access → Covering Tracks

D.

Scanning → Reconnaissance → Gaining Access → Covering Tracks → Maintaining Access

Question # 2

Dr. Evelyn Reed, a cybersecurity expert, was called in to investigate a series of unusual activities at " Global Innovations Inc. " The first red flag was a surge in spear-phishing emails targeting senior management, disguised as urgent internal memos. Soon after, the company ' s web server showed unexpected outbound traffic to unfamiliar IP addresses. A network audit revealed that multiple underutilized printers and routers had unauthorized firmware installed. Further review uncovered inconsistencies in file access logs linked to the R & D department, including unusually large data transfers occurring during non-business hours. Dr. Reed also noted the attackers appeared to have intimate knowledge of the organization ' s internal data structure.

Which phase of the Advanced Persistent Threat (APT) lifecycle is Global Innovations Inc. most likely experiencing, given the combination of these incidents?

A.

Initial Intrusion

B.

Expansion

C.

Search and Exfiltration

D.

Persistence

Question # 3

At a smart retail outlet in San Diego, California, ethical hacker Sophia Bennett assesses IoT-based inventory sensors that synchronize with a cloud dashboard. She discovers that sensitive business records are sent across the network without encryption and are also stored in a retrievable format on the provider ' s cloud platform.

Which IoT attack surface area is most directly demonstrated in this finding?

A.

Insecure ecosystem interfaces

B.

Insecure data transfer and storage

C.

Insecure network services

D.

Insecure default settings

Question # 4

A cybersecurity team at a cloud infrastructure provider in San Jose, California, initiated a structured vulnerability evaluation across its production environment. The scanning process began by identifying communication protocols active on each host. Once the protocols were cataloged, the platform analyzed which services were associated with those ports and dynamically selected only the vulnerability tests relevant to those detected services. The scanning logic adjusted automatically based on discoveries made during execution. Which vulnerability assessment approach is illustrated in this scenario?

A.

Inference-Based Assessment

B.

Service-Based Solutions

C.

Product-Based Solutions

D.

Tree-Based Assessment

Question # 5

Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?

A.

hashing algorithms

B.

integrity algorithms

C.

symmetric algorithms

D.

asymmetric algorithms

Question # 6

A penetration tester finds that a web application does not properly validate user input and is vulnerable to reflected Cross-Site Scripting (XSS). What is the most appropriate approach to exploit this vulnerability?

A.

Perform a brute-force attack on the user login form to steal credentials

B.

Embed a malicious script in a URL and trick a user into clicking the link

C.

Inject a SQL query into the search form to attempt SQL injection

D.

Use directory traversal to access sensitive files on the server

Question # 7

A global media streaming platform experiences traffic surges every 10 minutes, with spikes over 300 Gbps followed by quiet intervals. Which DDoS attack explains this behavior?

A.

UDP flood sustained attack

B.

Recursive HTTP GET flood

C.

Permanent DoS (PDoS)

D.

Pulse Wave attack

Question # 8

A penetration tester is assessing a web application that uses dynamic SQL queries for searching users in the database. The tester suspects the search input field is vulnerable to SQL injection. What is the best approach to confirm this vulnerability?

A.

Input DROP TABLE users; -- into the search field to test if the database query can be altered

B.

Inject JavaScript into the search field to test for Cross-Site Scripting (XSS)

C.

Use a directory traversal attack to access server configuration files

D.

Perform a brute-force attack on the user login page to guess weak passwords

Question # 9

An ethical hacker audits a hospital’s wireless network secured with WPA using TKIP and successfully performs packet injection and decryption attacks. Which WPA vulnerability most likely enabled this?

A.

Use of weak Initialization Vectors (IVs)

B.

Dependence on weak passwords

C.

Lack of AES-based encryption

D.

Predictable Group Temporal Key (GTK)

Question # 10

In the heart of Silicon Valley, ethical hacker Sophia Nguyen is hired by InnoVate Solutions, a San Francisco-based startup, to secure their cloud-based task management platform. On March 15, 2025, Sophia begins testing a feature that allows users to upload custom workflow templates to streamline project assignments. By carefully crafting a template file, she manipulates the platform’s data processing, triggering unexpected behavior that grants her administrative access to restricted project dashboards. The issue arises from the platform’s handling of user-supplied data during object reconstruction, not from database queries, client-side code execution, or session manipulation. Sophia documents her findings to help InnoVate’s developers strengthen their application.

Which web application vulnerability is Sophia most likely exploiting in InnoVate Solutions’ task management platform?

A.

Session Hijacking

B.

Local File Inclusion

C.

Verbose Error Messages

D.

Insecure Deserialization

Question # 11

On July 25, 2025, during a security assessment at Apex Technologies in Boston, Massachusetts, ethical hacker Sophia Patel conducts a penetration test to evaluate the company’s defenses against a simulated DDoS attack targeting their e-commerce platform. The simulated attack floods the platform with traffic from multiple sources, attempting to overwhelm server resources. The IT team activates a specific tool that successfully mitigates this attack by distributing traffic across multiple servers and filtering malicious requests. Sophia’s test aims to verify the effectiveness of this tool in maintaining service availability.

Which DoS DDoS protection tool is most likely being utilized by the IT team in this scenario?

A.

Web Application Firewall WAF

B.

Load Balancer

C.

Intrusion Prevention System IPS

D.

Firewall

Question # 12

Noah, a security analyst at a Seattle-based healthcare provider, is responding to a real-time data breach where attackers accessed patient records stored on a compromised server. During incident response, he must quickly secure sensitive files located on the system’s primary storage to prevent further exfiltration. The data resides in a mounted partition that needs full-volume encryption, but standard file encryption isn’t sufficient. Noah selects a solution that supports encrypted containers, strong key lengths like 256-bit AES, and can conceal secure volumes within standard ones to reduce detection. His goal is to ensure confidentiality while forensic operations continue without disrupting system functionality.

Which disk encryption tool should Noah deploy to meet these objectives?

A.

BitLocker Drive Encryption

B.

FileVault

C.

Rohos Disk Encryption

D.

VeraCrypt

Question # 13

During a penetration test at a shipping company in Miami, ethical hacker Daniel delivers a disguised email attachment containing a hidden payload. Once executed by employees, the compromised workstations begin to silently communicate with a remote server under Daniel’s control. Over the following week, he confirms that multiple infected endpoints can receive synchronized commands and perform background tasks simultaneously, including sending bursts of outbound traffic on demand.

Which type of malicious component is Daniel most likely simulating in this assessment?

A.

Spyware

B.

Botnet Agents

C.

Scareware

D.

Potentially Unwanted Applications (PUAs)

Question # 14

Packet fragmentation is used as an evasion technique. Which IDS configuration best counters this?

A.

Recognizing regular fragmented packet intervals

B.

Anomaly-based IDS detecting irregular traffic patterns

C.

Rejecting all fragmented packets

D.

Signature-based IDS detecting fragmented packet signatures

Question # 15

A penetration tester is assessing a company ' s HR department for vulnerability to social engineering attacks using knowledge of recruitment and onboarding processes. What is the most effective technique to obtain network access credentials without raising suspicion?

A.

Develop a fake social media profile to connect with HR employees and request sensitive information

B.

Create a convincing fake onboarding portal that mimics the company’s internal systems

C.

Send a generic phishing email with a link to a fake HR policy document

D.

Conduct a phone call posing as a new employee to request password resets

Page: 1 / 16
Total 239 questions

Most Popular Certification Exams

Payment

       

Contact us

Site Secure

mcafee secure

TESTED 14 Jul 2026