312-50v13 Exam Dumps - Certified Ethical Hacker Exam (CEHv13)

In CEH v13 Module 17: Mobile and IoT Security, Advanced SMS Phishing (also known as SMiShing) is described as a technique where attackers impersonate trusted entities via SMS to:

Trick users into entering authentication codes or PINs.

Deliver malicious payloads or alter device configurations.

Simulate OTA (Over-the-Air) provisioning messages.

In this case:

The attacker sends a fake OTA setup message asking for a PIN.

Once Ben enters the PIN, the device's configuration is hijacked.

Why Others Are Incorrect:

B. Bypass SSL pinning: Relates to mobile app reverse engineering and traffic interception.

C. Phishing: General term; SMS-specific variant is more accurate here.

D. Tap ‘n ghost: A touch screen manipulation attack, unrelated to messaging.

Correct answer is A. Advanced SMS phishing.

CEH v13 describes Agent Smith–style attacks as malicious Android operations where an app silently replaces legitimate applications by exploiting weaknesses in the Android app update and installation processes. These attacks often begin when users download seemingly innocent apps from untrusted third-party marketplaces. Once installed, the malicious application injects harmful code into other apps, overwriting them while preserving their icons and interface, allowing the attacker to harvest credentials, display ads, or maintain persistence without detection. CEH explains that this technique takes advantage of Android’s APK structure, sideloading vulnerabilities, and lack of signature validation in compromised environments. Simjacker (Option A) targets SIM toolkit vulnerabilities and does not replace apps. Man-in-the-Disk (Option B) abuses external storage operations but does not overwrite applications. Camfecting (Option D) refers to hijacking smartphone cameras. The described malicious replacement of legitimate apps exactly matches the Agent Smith attack pattern.

Mobile Remote Access Trojans (RATs) are highlighted in CEH v13 Mobile Platform Hacking as one of the most dangerous threats. Once installed, a mobile RAT provides attackers persistent, covert access to devices, allowing screen capture, keystroke logging, microphone activation, and data exfiltration.

Unlike MitM or clickjacking, RATs operate post-compromise, often disguised as legitimate apps. Jailbreaking is detectable via integrity checks, but RATs can remain hidden even on non-rooted devices.

CEH v13 emphasizes that RATs bypass traditional defenses, including antivirus and MDM, making them extremely difficult to detect. Hence, Option C is correct.

CEH v13 states that vulnerabilities with a CVSS score ≥ 9.0 are critical and require immediate containment. When remote code execution is possible, the system may already be compromised.

The recommended response is to isolate the affected system, preventing lateral movement, then perform a forensic audit before applying patches. Immediate patching without isolation may alert attackers or destroy evidence.

Thus, option D aligns with CEH incident response best practices.

Vulnerability scanning software is a tool that can help security analysts identify and prioritize known vulnerabilities in their systems and applications. However, it is not a perfect solution and has some limitations that need to be considered. One of the most critical limitations is that vulnerability scanning software is not immune to software engineering flaws that might lead to serious vulnerabilities being missed. This means that the software itself might have bugs, errors, or oversights that could affect its accuracy, reliability, or performance. For example, the software might:

Fail to detect some vulnerabilities due to incomplete or outdated databases, incorrect signatures, or insufficient coverage of the target system or application.

Produce false positives or false negatives due to misinterpretation of the scan results, incorrect configuration, or lack of context or validation.

Cause unintended consequences or damage to the target system or application due to intrusive or aggressive scanning techniques, such as exploiting vulnerabilities, modifying data, or crashing services.

Be vulnerable to attacks or compromise by malicious actors who could exploit its weaknesses, tamper with its functionality, or steal its data.

Therefore, the security analyst should be most cautious about this limitation of vulnerability scanning software, as it could lead to a false sense of security, missed opportunities for remediation, or increased exposure to threats. The security analyst should always verify the scan results, use multiple tools and methods, and update and patch the software regularly to mitigate this risk.

Comprehensive and Detailed Explanation:

SIEM (Security Information and Event Management) systems aggregate logs and alerts from across the network—servers, routers, firewalls, IDS/IPS, and applications—and correlate that data to identify suspicious or malicious activity.

They provide:

Real-time alerting

Long-term log storage

Compliance reporting

Incident response facilitation

From CEH v13 Courseware:

Module 12: Evading IDS, Firewalls, and Honeypots → SIEM Tools

This scenario is a textbook example of a Whaling Attack, a highly targeted phishing technique described in the CEH v13 Social Engineering module. Whaling specifically targets senior executives or high-ranking individuals, exploiting their authority, access privileges, and decision-making roles.

In the given case, the attacker crafts a personalized email, impersonates the CEO, and uses legitimate corporate branding to build trust. The malicious PDF attachment delivers a backdoor, aligning with CEH v13 descriptions of advanced spear-phishing techniques used against executives.

CEH v13 differentiates whaling from other phishing types:

Broad phishing targets large groups indiscriminately.

Pharming redirects users via DNS manipulation.

Email clone attacks copy legitimate emails but typically target peers, not executives.

Whaling attacks are particularly dangerous because executives often bypass security scrutiny and possess elevated system access. CEH v13 emphasizes executive awareness training as a key mitigation strategy.

Therefore, the correct answer is Whaling attack aimed at high-ranking personnel.

A rootkit is a type of stealth malware designed to hide the existence of certain processes or programs from normal detection methods. It can:

Hide itself and other processes

Conceal files and registry entries

Intercept system calls or keystrokes (keylogging)

Maintain persistent access

From CEH v13 Courseware:

Module 6: Malware Threats → Rootkits

Incorrect Options:

A: A Trojan may offer remote access but doesn't necessarily hide itself.

C: DoS tools are used to overload systems, not hide.

D: Scanners detect vulnerabilities, not conceal activities.

E: A backdoor may provide unauthorized access, but rootkits focus on hiding.