ECCouncil 312-50v13 Actual Questions

Covert channel communication is one of the most sophisticated evasion techniques described in CEH v13 Evasion Techniques. By embedding malicious data within unused or rarely inspected protocol fields (such as IP headers), attackers can bypass firewalls, IDS, and IPS systems entirely.

Unlike polymorphic malware (Option C), which can still be detected using behavior analysis, covert channels blend seamlessly into legitimate traffic. Packet fragmentation (Option D) is well-known and often mitigated. Honeypot spoofing (Option B) is rare and defensive in nature.

CEH v13 emphasizes that covert channels are difficult because:

They do not violate protocol specifications

They evade signature-based and stateful inspection

They appear as normal traffic

Detecting covert channels often requires deep protocol analysis and statistical traffic inspection, making them extremely challenging to mitigate.

Thus, Option A is the correct answer.

Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.

Social engineering attacks typically involve some form of psychological manipulation, fooling otherwise unsuspecting users or employees into handing over confidential or sensitive data. Commonly, social engineering involves email or other communication that invokes urgency, fear, or similar emotions in the victim, leading the victim to promptly reveal sensitive information, click a malicious link, or open a malicious file. Because social engineering involves a human element, preventing these attacks can be tricky for enterprises.

Digital signatures are designed to provide two key guarantees:

Authenticity – confirming the identity of the sender.

Unforgeability – ensuring that no one else can produce the same signature without the sender’s private key.

These properties are achieved using a combination of hash functions and asymmetric encryption (digital certificates/private keys).

Reference – CEH v13 Official Study Guide:

Module 20: Cryptography

Quote:

“A valid digital signature ensures that the message comes from a legitimate sender (authenticity) and has not been altered or forged (unforgeability).”

Incorrect Options:

A, C, D: Refer to human/visual signatures, not cryptographic properties

=

Spear-phishing is a targeted form of phishing that uses personalized and context-rich information to increase credibility. CEH emphasizes that referencing specific internal projects, financial data, or organizational events significantly raises the success rate when attacking high-value targets such as executives. This tailored approach avoids suspicion and exploits trust more effectively than broad or generic phishing attempts.