Online Access Free ECCouncil.312-50v12.v2024-11-01.q235 Practice Test (Page 5)

312-50v12 Exam Question 16

An attacker utilizes a Wi-Fi Pineapple to run an access point with a legitimate-looking SSID for a nearby business in order to capture the wireless password. What kind of attack is this?

A.MAC spoofing attack

B.Evil-twin attack

C.War driving attack

D.Phishing attack

312-50v12 Exam Question 17

An attacker can employ many methods to perform social engineering against unsuspecting employees, including scareware.
What is the best example of a scareware attack?

A.A banner appears to a user stating, "Your Amazon order has been delayed. Click here to find out your new delivery date."

B.A pop-up appears to a user stating, "You have won a free cruise! Click here to claim your prize!"

C.A pop-up appears to a user stating, "Your computer may have been infected with spyware. Click here to install an anti-spyware tool to resolve this issue."

D.A banner appears to a user stating, "Your account has been locked. Click here to reset your password and unlock your account."

312-50v12 Exam Question 18

As an IT Security Analyst, you've been asked to review the security measures of an e-commerce website that relies on a SQL database for storing sensitive customer data. Recently, an anonymous tip has alerted you to a possible threat: a seasoned hacker who specializes in SQL Injection attacks may be targeting your system. The site already employs input validation measures to prevent basic injection attacks, and it blocks any user inputs containing suspicious patterns. However, this hacker is known to use advanced SQL Injection techniques.
Given this situation, which of the following strategies would the hacker most likely adopt to bypass your security measures?

A.The hacker could deploy an 'out-of-band' SQL Injection attack, extracting data via a different communication channel, such as DNS or HTTP requests

B.The hacker may resort to a DDoS attack instead, attempting to crash the server and thus render the e commerce site unavailable

C.The hacker may try to use SQL commands which are less known and less likely to be blocked by your system's security

D.The hacker might employ a blind' SQL Injection attack, taking advantage of the application's true or false responses to extract data bit by bit

312-50v12 Exam Question 19

Which of the following is the primary objective of a rootkit?

A.It opens a port to provide an unauthorized service

B.It creates a buffer overflow

C.It replaces legitimate programs

D.It provides an undocumented opening in a program

312-50v12 Exam Question 20

Calvin, a grey-hat hacker, targets a web application that has design flaws in its authentication mechanism. He enumerates usernames from the login form of the web application, which requests users to feed data and specifies the incorrect field in case of invalid credentials. Later, Calvin uses this information to perform social engineering.
Which of the following design flaws in the authentication mechanism is exploited by Calvin?

A.Verbose failure messages

B.Password reset mechanism

C.User impersonation

D.Insecure transmission of credentials

Other Version: 6219ECCouncil.312-50v12.v2025-02-24.q232; 1848ECCouncil.312-50v12.v2023-05-03.q222; 1799ECCouncil.312-50v12.v2023-03-06.q192

Latest Upload: 140NREMT.EMT.v2026-06-06.q125; 123Juniper.JN0-232.v2026-06-06.q60; 151Oracle.1D0-1057-25-D.v2026-06-03.q29; 278NAHQ.CPHQ.v2026-06-03.q396; 257CompTIA.220-1201.v2026-06-03.q196; 161GIAC.GCFE.v2026-06-03.q78; 157HIMSS.CPHIMS.v2026-06-03.q45; 237Google.Professional-Cloud-Architect.v2026-06-03.q165; 165HP.HPE7-A09.v2026-06-02.q48; 175ACDIS.CCDS-O.v2026-06-02.q56

312-50v12 Exam Question 16

312-50v12 Exam Question 17

312-50v12 Exam Question 18

312-50v12 Exam Question 19

312-50v12 Exam Question 20

Download PDF File