312-50v13 Exam Dumps - Certified Ethical Hacker Exam (CEHv13)

Firewalking is a technique used to determine what layer 4 protocols a firewall will allow by sending crafted packets with TTL values that expire at the firewall and analyzing ICMP Time Exceeded responses. This helps in determining what ports and services are allowed through a firewall.

📘 Reference – CEH v13 Study Guide, Module 11: Evading IDS, Firewalls, and Honeypots

“Firewalking is a technique used to gather information about firewalls and their rule sets by sending packets with TTL values that expire at the firewall.”

❌ Incorrect options:

A. Session hijacking refers to taking over an active session.

C. MITM attacks involve intercepting communications between two parties.

D. Network sniffing involves capturing packets, not probing firewall rules.

A DNS zone file contains resource records (RRs) that define mappings and configurations for domains and subdomains. The standard records found in a zone file include:

SOA (Start of Authority): Indicates the beginning of the zone file.

NS (Name Server): Specifies the authoritative name servers.

A (Address): Maps hostnames to IPv4 addresses.

MX (Mail Exchange): Specifies mail servers.

These records are essential for the DNS resolution process and mail routing.

From CEH v13 Official Courseware:

Module 3: DNS Enumeration

Topic: DNS Record Types

CEH v13 Study Guide states:

“A zone file contains all the resource records including SOA, NS, A, and MX. These define name server authority, IP resolution, and mail server routing.”

Incorrect Options:

A: DNS is a protocol, not a resource record.

B: PTR is for reverse DNS, typically in a separate reverse zone file.

C: AXFR is a DNS transfer mechanism, not an RR in the zone file.

The command in question:

wget 192.168.0.15 -q -S

wget is a command-line utility used to retrieve files via HTTP, HTTPS, or FTP.

-q (quiet mode): Suppresses output, except for errors.

-S: Displays the server response headers (even in quiet mode).

In this case, wget is being used to connect to the specified web server (192.168.0.15) and retrieve the HTTP response headers — such as the Server field (e.g., Apache, Nginx), HTTP status codes, and other metadata.

This is a classic example of banner grabbing — the process of capturing metadata (often from headers) to identify the software, version, or configuration of a service.

Incorrect Options:

A. Content enumeration would require directory brute-forcing tools like DirBuster or Gobuster.

C. DoS attacks require high volumes of traffic or specially crafted packets; wget with a single request does not perform flooding.

D. Downloading full site contents would involve options like -r (recursive) or --mirror, which are not used in this command.

Reference – CEH v13 Official Courseware:

Module 03: Scanning Networks

Section: “Banner Grabbing”

Tool Reference: wget, netcat, telnet, curl for banner enumeration

https://en.wikipedia.org/wiki/MAC_filtering

MAC filtering is a security method based on access control. Each address is assigned a 48-bit address, which is used to determine whether we can access a network or not. It helps in listing a set of allowed devices that you need on your Wi-Fi and the list of denied devices that you don’t want on your Wi-Fi. It helps in preventing unwanted access to the network. In a way, we can blacklist or white list certain computers based on their MAC address. We can configure the filter to allow connection only to those devices included in the white list. White lists provide greater security than blacklists because the router grants access only to selected devices.

It is used on enterprise wireless networks having multiple access points to prevent clients from communicating with each other. The access point can be configured only to allow clients to talk to the default gateway, but not other wireless clients. It increases the efficiency of access to a network.

The router allows configuring a list of allowed MAC addresses in its web interface, allowing you to choose which devices can connect to your network. The router has several functions designed to improve the network's security, but not all are useful. Media access control may seem advantageous, but there are certain flaws.

On a wireless network, the device with the proper credentials such as SSID and password can authenticate with the router and join the network, which gets an IP address and access to the internet and any shared resources.

MAC address filtering adds an extra layer of security that checks the device’s MAC address against a list of agreed addresses. If the client’s address matches one on the router’s list, access is granted; otherwise, it doesn’t join the network.

WHOIS is an Internet service that allows users to query domain name registries to retrieve information about registered domain names. It includes data such as:

Registrant’s name and contact information

Domain creation and expiration dates

Registrar details and name servers

WHOIS is often used during the reconnaissance phase in penetration testing.

Reference – CEH v13 Official Study Guide:

Module 2: Footprinting and Reconnaissance

Quote:

“WHOIS databases provide public domain registration details including contact names, email addresses, and registrar information. This is useful for initial reconnaissance.”

Incorrect Options:

B. CAPTCHA is used to distinguish human users from bots.

C. IANA oversees global IP address allocation and DNS root zone management.

D. IETF is responsible for internet standards, not registrant databases.

===========