Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50v13

EC-Council 312-50v13 Exam
Certified Ethical Hacker v13 (Page 4 )

Updated On: 12-Feb-2026
Page 4 of 63
PDF with 574 Questions

While performing an Nmap scan against a host, Paola determines the existence of a firewall.

In an attempt to determine whether the firewall is stateful or stateless, which of the following options would be best to use?

  1. -sA
  2. -sX
  3. -sT
  4. -sF

Answer(s): A



A newly joined employee, Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors.

What is the type of vulnerability assessment performed by Martin?

  1. Database assessment
  2. Host-based assessment
  3. Credentialed assessment
  4. Distributed assessment

Answer(s): B



Jane, an ethical hacker, is testing a target organization’s web server and website to identify security loopholes. In this process, she copied the entire website and its content on a local drive to view the complete profile of the site’s directory structure, file structure, external links, images, web pages, and so on. This information helps Jane map the website’s directories and gain valuable information.

What is the attack technique employed by Jane in the above scenario?

  1. Session hijacking
  2. Website mirroring
  3. Website defacement
  4. Web cache poisoning

Answer(s): B



An organization is performing a vulnerability assessment for mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on the organization’s machines to detect which ports are attached to services such as an email server, a web server, or a database server. After identifying the services, he selected the vulnerabilities on each machine and started executing only the relevant tests.

What is the type of vulnerability assessment solution that James employed in the above scenario?

  1. Service-based solutions
  2. Product-based solutions
  3. Tree-based assessment
  4. Inference-based assessment

Answer(s): D



Taylor, a security professional, uses a tool to monitor her company’s website, analyze the website’s traffic, and track the geographical location of the users visiting the company’s website.

Which of the following tools did Taylor employ in the above scenario?

  1. Webroot
  2. Web-Stat
  3. WebSite-Watcher
  4. WAFW00F

Answer(s): B






Post your Comments and Discuss EC-Council 312-50v13 exam prep with other Community members:

Join the 312-50v13 Discussion