Eccouncil dumpskey helping Hand Questions For 312-50v12 by Alexia q151 vce pdf

Page: 19 / 42

Exam Name:	Certified Ethical Hacker Exam (CEHv12)
Exam Code:	312-50v12 Dumps
Vendor:	ECCouncil	Certification:	CEH v12
Questions:	572 Q&A's	Shared By:	alexia

Question 76

Which among the following is the best example of the third step (delivery) in the cyber kill chain?

Options:

An intruder sends a malicious attachment via email to a target.

An intruder creates malware to be used as a malicious attachment to an email.

An intruder's malware is triggered when a target opens a malicious email attachment.

An intruder's malware is installed on a target's machine.

Discussion

Question 77

Lewis, a professional hacker, targeted the loT cameras and devices used by a target venture-capital firm. He used an information-gathering tool to collect information about the loT devices connected to a network, open ports and services, and the attack surface area. Using this tool, he also generated statistical reports on broad usage patterns and trends. This tool helped Lewis continually monitor every reachable server and device on the Internet, further allowing him to exploit these devices in the network. Which of the following tools was employed by Lewis in the above scenario?

Options:

Censys

Wapiti

NeuVector

Lacework

Discussion

Question 78

An ethical hacker is testing a web application of a financial firm. During the test, a 'Contact Us' form's input field is found to lack proper user input validation, indicating a potential Cross-Site Scripting (XSS) vulnerability. However, the application has a stringent Content Security Policy (CSP) disallowing inline scripts and scripts from external domains but permitting scripts from its own domain. What would be the hacker's next step to confirm the XSS vulnerability?

Options:

Try to disable the CSP to bypass script restrictions

Inject a benign script inline to the form to see if it executes

Utilize a script hosted on the application's domain to test the form

Load a script from an external domain to test the vulnerability

Discussion

Answer:

Explanation:

Explanation:

The hacker’s next step to confirm the XSS vulnerability would be to utilize a script hosted on the application’s domain to test the form. This is because the application’s CSP allows scripts from its own domain, but not from inline or external sources. Therefore, the hacker can try to inject a payload that references a script file on the same domain as the application, such as:

where script.js contains some benign code, such as alert('XSS') or print('XSS'). If the script executes in the browser, then the hacker has confirmed the XSS vulnerability. Otherwise, the CSP has blocked the script and prevented the XSS attack.

The other options are not feasible or effective for the following reasons:

A. Try to disable the CSP to bypass script restrictions: This option is not feasible because the hacker cannot disable the CSP on the server side, and the browser enforces the CSP on the client side. The hacker would need to modify the browser settings or use a browser extension to disable the CSP, but this would not affect the victim’s browser or the application’s security.
B. Inject a benign script inline to the form to see if it executes: This option is not effective because the application’s CSP disallows inline scripts, meaning scripts that are embedded in the HTML code. Therefore, the hacker would not be able to inject a script tag or an event handler attribute that contains some code, such as:

The CSP would block these scripts and prevent the XSS attack.

D. Load a script from an external domain to test the vulnerability: This option is not effective because the application’s CSP disallows scripts from external domains, meaning scripts that are loaded from a different domain than the application. Therefore, the hacker would not be able to inject a script tag that references a script file on another domain, such as:

The CSP would block these scripts and prevent the XSS attack.

References:

1: Content Security Policy (CSP) - HTTP | MDN
2: What is Content Security Policy (CSP) | Header Examples | Imperva
3: Content-Security-Policy (CSP) Header Quick Reference
4: What is cross-site scripting (XSS)? - PortSwigger
5: Cross Site Scripting (XSS) | OWASP Foundation
6: The Impact of Cross-Site Scripting Vulnerabilities and their Prevention
7: XSS Vulnerability 101: Identify and Stop Cross-Site Scripting

Question 79

Tony is a penetration tester tasked with performing a penetration test. After gaining initial access to a target

system, he finds a list of hashed passwords.

Which of the following tools would not be useful for cracking the hashed passwords?

Options:

John the Ripper

Hashcat

netcat

THC-Hydra

Discussion

Annabel

I recently used them for my exam and I passed it with excellent score. I am impressed.

Amirah Oct 28, 2024

I passed too. The questions I saw in the actual exam were exactly the same as the ones in the Cramkey Dumps. I was able to answer the questions confidently because I had already seen and studied them.

Miley

Hey, I tried Cramkey Dumps for my IT certification exam. They are really awesome and helped me pass my exam with wonderful score.

Megan Aug 30, 2024

That’s great!!! I’ll definitely give it a try. Thanks!!!

Vienna

I highly recommend them. They are offering exact questions that we need to prepare our exam.

Jensen Oct 9, 2024

That's great. I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!

Ayra

How these dumps are necessary for passing the certification exam?

Damian Oct 22, 2024

They give you a competitive edge and help you prepare better.