ECCouncil Updated 312-50v13 Exam Questions and Answers by husna

1. AV (Asset value) = $300 + (14 * $10) = $440 - the cost of a hard drive plus the work of a recovery person, i.e.how much would it take to replace 1 asset? 10 hours for resorting the OS and soft + 4 hours for DB restore multiplies by hourly rate of the recovery person.

2. SLE (Single Loss Expectancy) = AV * EF (Exposure Factor) = $440 * 1 = $440

3. ARO (Annual rate of occurrence) = 1/3 (every three years, meaning the probability of occurring during 1 years is 1/3)

4. ALE (Annual Loss Expectancy) = SLE * ARO = 0.33 * $440 = $145.2

The scenario describes a method used to make a cryptographic key more secure by making it harder to brute-force. This process is called Key Stretching.

Key Stretching:

Takes a weak or short key and processes it through a function (often repeatedly) to produce a stronger, longer key.

Commonly used in password hashing (e.g., bcrypt, PBKDF2, scrypt).

Increases the computational time required to test each guess in a brute-force attack, effectively reducing attack feasibility.

Incorrect Options:

A. Key derivation function (KDF) is related but more general; key stretching is a specific technique often implemented within KDFs.

B. Key reinstallation is associated with WPA2 KRACK attacks.

C. Public key infrastructure (PKI) is a system of digital certificates, not a key strengthening technique.

Reference – CEH v13 Official Courseware:

Module 20: Cryptography

Section: “Password Hashing and Key Stretching Techniques”

Subsection: “bcrypt, PBKDF2, and Key Strengthening”

CEH iLab: Password Hashing and Cracking Simulations

Comprehensive and Detailed Explanation:

Blind SQL injection is used when the application does not return errors or display query results. In such cases, attackers use inference methods such as:

Boolean-based queries

Time-based queries (e.g., using SLEEP or WAITFOR DELAY)

Elliot’s use of timing delays indicates a time-based blind SQL injection.

From CEH v13 Courseware:

Module 10: Web Application Hacking → SQL Injection Types

Comprehensive Explanation from CEH v13 Courseware:

CEH v13 describes Firewalking as a reconnaissance technique designed to determine which layer-4 protocols and ports a firewall allows. The attacker sends packets with carefully adjusted TTL values so that the packet expires just beyond the firewall. If the next hop generates ICMP Time Exceeded responses, the attacker can infer which ports the firewall permits. This method mimics normal TTL behavior, making it stealthier than full SYN scans or high-noise probing. Firewalking is expressly highlighted in CEH as a low-profile way to map firewall ACLs without triggering alarms. Broadcast pings are noisy and detectable, passive DNS monitoring does not reveal firewall rule sets, and full SYN scans are easily flagged by IDS systems. Firewalking’s reliance on TTL behavior, combined with protocol-specific probes, makes it the correct and CEH-aligned technique for quietly discovering open ports and firewall filtering rules.