| Exam Name: | Certified Ethical Hacker Exam (CEHv13) | ||
| Exam Code: | 312-50v13 Dumps | ||
| Vendor: | ECCouncil | Certification: | CEH v13 |
| Questions: | 797 Q&A's | Shared By: | aylin |
During an authorized security assessment for a regional transportation authority in Sacramento, California, an ethical hacker is tasked with evaluating externally exposed web service interfaces used to exchange scheduling data with third-party transit applications.
As part of the engagement, the ethical hacker retrieves publicly accessible service description files and systematically analyzes them to understand the operations supported by the service. By reviewing these definitions, the tester identifies undocumented methods, expected input parameters, and response schemas that were not clearly outlined in the public integration documentation.
The activity provides a detailed understanding of the service’s available capabilities before deeper testing begins.
From the options below, identify the web service attack technique demonstrated in this scenario.
A regional logistics provider in Charlotte, North Carolina operates its shipment tracking and partner API services on an Apache web platform configured to support a modern multiplexed communication protocol to improve efficiency under concurrent load. During a controlled stress assessment, testers simulate sustained client activity that repeatedly initiates and completes numerous lightweight exchanges over persistent connections.
Over time, system monitoring reveals that memory utilization steadily increases despite stable request volume and no proportional rise in active sessions. Even after the simulated clients disconnect normally, resource usage does not return to baseline levels. After several cycles, the service becomes sluggish and must be restarted to restore normal responsiveness. No unusual disk activity or database errors are observed during the test window.
The behavior is only present when the multiplexed protocol mode is enabled; reverting to legacy handling eliminates the issue.
Which Apache vulnerability best explains this behavior?
An attacker uses many plaintext–ciphertext pairs and applies statistical analysis to XOR combinations of specific bits. Which technique is being used?
Malware remains dormant until triggered and changes its code with each infection. What malware type is responsible, and how should it be mitigated?