312-50v13 Exam Dumps - Certified Ethical Hacker Exam (CEHv13)

Digital signatures are designed to provide two key guarantees:

Authenticity – confirming the identity of the sender.

Unforgeability – ensuring that no one else can produce the same signature without the sender’s private key.

These properties are achieved using a combination of hash functions and asymmetric encryption (digital certificates/private keys).

Reference – CEH v13 Official Study Guide:

Module 20: Cryptography

Quote:

“A valid digital signature ensures that the message comes from a legitimate sender (authenticity) and has not been altered or forged (unforgeability).”

Incorrect Options:

A, C, D: Refer to human/visual signatures, not cryptographic properties

=

A counter-based authentication system is based on the HOTP (HMAC-Based One-Time Password) algorithm. It uses a shared secret and a moving counter to generate a one-time password (OTP). Each time the counter is incremented, a new OTP is generated and encrypted using the secret key.

Reference – CEH v13 Official Study Guide:

Module 5: System Hacking

Quote:

“HOTP generates a one-time password using a counter value and a secret key. This is a form of two-factor authentication, and the passwords are encrypted.”

Incorrect Options Explained:

A & B. These describe biometric systems, not counter-based OTPs.

D. Virtual passwords from passphrases are not counter-based systems.

=

Before implementing auditing, it is crucial to assess how enabling this feature will impact system resources, performance, and storage. Auditing can generate significant logs and place additional load on systems, especially in environments handling sensitive data such as banking.

Understanding the impact helps determine if the current infrastructure can handle the overhead or if optimizations or upgrades are needed beforehand.

Reference – CEH v13 Official Study Guide:

Module 5: System Hacking

Section: Enabling Auditing and Logging

Quote:

“Before enabling auditing, organizations must assess the performance and storage impact. Improper implementation can result in performance degradation or missed logs.”

Incorrect Options Explained:

A. Vulnerability scanning is important but not directly related to audit implementation.

C. Cost-benefit analysis comes after understanding operational impact.

D. Staffing is a planning step, not the first technical action.

=

Btlejack is a tool used for attacking Bluetooth Low Energy (BLE) connections, including sniffing, jamming, and hijacking.

The -f option specifies the access address of the BLE connection.

The -j option is used to hijack an active BLE connection.

Therefore, the correct syntax to hijack a BLE connection is:

btlejack -f [access_address] -j

This matches Option A: btlejack -f 0x129f3244 -j

Incorrect Options:

B. -c any is used for sniffing any advertising packet but not for hijacking.

C. -d specifies device paths; -s starts a scan but does not hijack.

D. This is likely a malformed or unrelated command in the context of hijacking.

Reference – CEH v13 Official Courseware:

Module 18: IoT and OT Hacking

Section: “Bluetooth Low Energy (BLE) Attacks”

Tool Focus: “Btlejack Command Usage”

CEH iLab: Btlejacking with micro:bit

https://ru.wikipedia.org/wiki/DNS_spoofing

DNS spoofing is a threat that copies the legitimate server destinations to divert the domain's traffic. Ignorant these attacks, the users are redirected to malicious websites, which results in insensitive and personal data being leaked. It is a method of attack where your DNS server is tricked into saving a fake DNS entry. This will make the DNS server recall a fake site for you, thereby posing a threat to vital information stored on your server or computer.

The cache poisoning codes are often found in URLs sent through spam emails. These emails are sent to prompt users to click on the URL, which infects their computer. When the computer is poisoned, it will divert you to a fake IP address that looks like a real thing. This way, the threats are injected into your systems as well.

Different Stages of Attack of DNS Cache Poisoning:

- The attacker proceeds to send DNS queries to the DNS resolver, which forwards the Root/TLD authoritative DNS server request and awaits an answer.

- The attacker overloads the DNS with poisoned responses that contain several IP addresses of the malicious website. To be accepted by the DNS resolver, the attacker's response should match a port number and the query ID field before the DNS response. Also, the attackers can force its response to increasing their chance of success.

- If you are a legitimate user who queries this DNS resolver, you will get a poisoned response from the cache, and you will be automatically redirected to the malicious website.

CEH v13 classifies application-layer DoS attacks as the most difficult to detect and mitigate. A distributed SQL injection-based DoS exploits database query processing by overwhelming backend systems with malicious but syntactically valid requests.

Unlike volumetric attacks, this method generates low-bandwidth, high-impact traffic that appears legitimate. Traditional DDoS protections often fail to identify such traffic, especially when it targets authenticated services like online banking.

UDP floods, Smurf attacks, and ICMP-based attacks are well-known and more easily mitigated with rate limiting and filtering. Zero-day exploits cause service disruption but are not primarily DoS techniques.

CEH v13 highlights that application-layer DoS attacks blend seamlessly with normal traffic patterns, making them exceptionally challenging. Thus, option A is correct.

 DHCP.MIB: Monitors network traffic between DHCP servers and remote hosts

â–  HOSTMIB.MIB: Monitors and manages host resources

â–  LNMIB2.MIB: Contains object types for workstation and server services

â–  MIBJI.MIB: Manages TCP/IP-based Internet using a simple architecture and system

â–  WINS.MIB: For the Windows Internet Name Service (WINS)

A NOP (No Operation) instruction tells the CPU to do nothing for one instruction cycle. In exploit development:

A NOP sled is a long sequence of NOPs (0x90) that increases the chance of the instruction pointer landing before the shellcode.

0x90 is the x86 opcode for the NOP instruction.

From CEH v13 Courseware:

Module 6: Malware Threats → Shellcode and Buffer Overflow