ECCouncil Updated 312-50v13 Exam Questions and Answers by elis

According to CEH v13 Network Scanning and Enumeration, ICMP Echo Requests (ping) are commonly filtered by firewalls and intrusion prevention systems to reduce network reconnaissance exposure. When ICMP Echo Replies are not returned but other services remain operational, the most likely explanation is ICMP filtering rather than host unavailability or compromise.

CEH v13 explicitly states that many organizations configure firewalls to block ICMP Echo Requests while allowing other ICMP types or higher-layer protocols. This practice helps prevent attackers from easily mapping live hosts during the reconnaissance phase.

The other options are incorrect because:

Unused IPs would not necessarily have active services.

A breach would typically present additional symptoms.

Network congestion would affect multiple protocols, not just ICMP.

Thus, blocked ICMP is the correct interpretation.

The correct answer is D. TCP/IP Hijacking.

The scenario describes an attacker targeting an already established TCP session and injecting crafted packets into the communication stream. CEH-aligned material describes TCP/IP hijacking as a network-level attack on a TCP session in which the attacker predicts or uses sequence-number information and injects spoofed packets into the session. It also explains that sniffing tools may be used to capture packets and extract sequence-number information before injecting spoofed traffic .

Option A. UDP Hijacking is incorrect because the scenario specifically involves TCP communication, not UDP.

Option B. RST Hijacking is incorrect because RST hijacking involves sending spoofed reset packets to terminate or reset a TCP connection, not taking over the session to issue commands.

Option C. Blind Hijacking is incorrect because blind hijacking occurs when the attacker cannot capture return traffic. In this scenario, the consultant is monitoring internal traffic and injecting into the observed session.

Option D. TCP/IP Hijacking is correct because the consultant is manipulating an active TCP communication channel and injecting packets as part of the established session.

Therefore, the best answer is D. TCP/IP Hijacking.

In CEH v13 Mobile, IoT, and OT Hacking, Bluetooth Low Energy (BLE) attacks often involve capturing pairing exchanges. If the Long-Term Key (LTK) is not captured, decryption is not immediately possible.

CEH v13 explains that in such cases, attackers may attempt Btlejacking, which hijacks an existing BLE connection rather than decrypting it. This allows command injection and data manipulation without needing the LTK.

Options A and B are incorrect because decryption is not the only attack path. hcitool is for discovery, not exploitation. Therefore, Option D is correct.

The correct answer is A. Insecure Design.

The issue is not just a single input validation bug. The scenario describes recurring weaknesses across multiple applications, inconsistent controls between teams, and the need to standardize security requirements across future development efforts. That points to a design-level problem, not just a patching or configuration issue.

CEH-aligned secure development material emphasizes that threat modeling identifies and reviews threats, trust boundaries, data flows, vulnerabilities, and weaknesses in application security design . Web application mitigation guidance also identifies server-side validation, whitelisting or blacklisting of input characters, sanitization, output validation, encoding, prepared statements, parameterized queries, and bind variables as mitigations for input validation flaws .

Option B. Broken Access Control is incorrect because the scenario focuses on inconsistent input-handling and validation design, not unauthorized access to functions or objects.

Option C. Security Misconfiguration is incorrect because the root problem is not an incorrectly configured server or framework setting.

Option D. Cryptographic Failures / Sensitive Data Exposure is incorrect because the issue is not about weak encryption or exposure of protected data through cryptographic failure.

Therefore, the best answer is A. Insecure Design.