ECCouncil Updated 312-50v13 Exam Questions and Answers by chaim

According to the CEH Cryptography module, strong symmetric encryption algorithms are essential for protecting data confidentiality and obscuring traffic content.

AES (Advanced Encryption Standard) is the industry-standard symmetric encryption algorithm approved by NIST and recommended by CEH for encrypting data in transit and at rest. AES provides strong resistance against cryptanalysis and prevents attackers from deriving meaningful information from encrypted traffic.

Option D is correct because AES is efficient, secure, and widely implemented.

Option A (HMAC) provides integrity and authentication, not encryption.

Option B (RSA) is computationally expensive and not suitable for bulk traffic encryption.

Option C (DES) is deprecated due to weak key length.

CEH materials clearly recommend AES over legacy algorithms.

According to the Certified Ethical Hacker (CEH) attack methodology, once reconnaissance, footprinting, and website mirroring have been completed, the attacker proceeds cautiously to exploitation while maintaining stealth. CEH documentation emphasizes that low-noise, application-layer attacks are preferable when the objective is to minimize detection.

Option B, attempting SQL Injection, aligns directly with CEH’s Web Application Hacking module. SQL Injection is a server-side attack that can often be executed through normal-looking HTTP requests, making it less likely to trigger intrusion detection systems (IDS) or security alerts. CEH materials highlight SQL injection as a common and effective technique for extracting sensitive data such as usernames, passwords, and business-critical information without disrupting server operations.

Option A is incorrect because immediately modifying server configuration files after session hijacking significantly increases the risk of detection. CEH guidelines stress post-exploitation restraint, especially during red team operations.

Option C is not ideal at this stage because automated vulnerability scanners generate substantial traffic and are highly detectable. CEH explicitly notes that vulnerability scanning is noisy and often logged.

Option D is the least stealthy option. Brute-force attacks generate numerous failed authentication attempts, triggering security alerts and account lockouts. CEH classifies brute-force attacks as high-risk and easily detectable.

Therefore, SQL Injection represents the most effective and stealthy next step in accordance with CEH’s structured attack lifecycle.

The correct answer is MX. CEH reconnaissance material explains that MX, or Mail Exchange, records identify the mail servers responsible for receiving email for a domain. When a tester wants to understand how an organization handles incoming email traffic, MX records are the most relevant DNS data source because they reveal the designated mail infrastructure and often the priority order of mail servers. In this scenario, the objective is to gather passive intelligence about communication infrastructure without performing active network probing, so querying DNS records is appropriate. SOA records provide domain authority and zone administration information, TXT records often contain verification or policy-related text such as SPF details, and NS records identify authoritative name servers. While those can all contribute to broader reconnaissance, they do not directly answer which systems are responsible for receiving mail. CEH emphasizes that MX records are commonly used during footprinting to identify email infrastructure, support phishing simulations, analyze third-party mail providers, or map communication dependencies. Because the question explicitly asks for the DNS record type that reveals mail server configuration, MX is the correct choice.

The attack described is spear phishing because it is a targeted phishing attempt crafted for a specific individual using personal and organizational context. In CEH social engineering coverage, spear phishing differs from generic phishing by its customization: the attacker addresses the victim by name, references the victim’s job function, and tailors the message to create credibility and urgency. Here, the email is addressed specifically to Clara and mentions her role in the accounts team, which increases the likelihood she will trust the message and comply.

The message uses classic phishing psychological triggers emphasized in CEH materials: urgency and fear. By claiming a “critical system vulnerability” and threatening account suspension, the attacker pressures Clara to act quickly and ignore verification steps. The inclusion of a link to a login page that “resembles the company’s internal portal” indicates credential harvesting, where the attacker’s goal is to capture usernames and passwords or other authentication tokens. The subtle misspelling in the sender’s domain is a common indicator of lookalike or typosquatting domains used to mimic legitimate corporate email addresses and bypass casual inspection.

The other options do not match as well. Impersonation is a broader category, but spear phishing is the specific technique using an email lure with personalization. Quid pro quo involves offering a benefit or service in exchange for information, which is not present. Vishing is voice-based phishing via phone calls, not email. Recommended defenses in CEH guidance include verifying sender domains, using out-of-band confirmation with IT, enabling email security controls like SPF, DKIM, and DMARC, and enforcing phishing awareness training and MFA to reduce credential theft impact.