Last Attempt 312-50v13 Questions

Directory Traversal, also called path traversal, is a web attack in which an attacker manipulates file path input so the server accesses files outside the intended web directory. In CEH guidance on web application attacks, this commonly happens when an application builds a file path from user-controlled input such as a URL parameter that indicates a filename, folder, language pack, template, or download resource. If the server does not properly validate and normalize the supplied path, an attacker can inject traversal sequences such as dot-dot-slash patterns or encoded equivalents to move up directories and retrieve sensitive files.

The scenario describes Ethan changing URL parameters and receiving “data from areas of the system that should be restricted,” specifically “configuration files not intended for public access.” That is the hallmark outcome of directory traversal: unauthorized read access to files like application configs, environment settings, keys, or server configuration that can later enable deeper compromise. This is not password cracking because no credential guessing or authentication attack is involved. It is not web cache poisoning, which targets shared caching infrastructure to serve poisoned content to other users. It is not HTTP response splitting, which relies on injecting CRLF characters to manipulate response headers and potentially cause caching or XSS side effects.

CEH-aligned remediation focuses on strict allowlisting of permitted file resources, canonicalizing paths before access, rejecting traversal tokens and their encoded forms, using indirect object references instead of raw file paths, and enforcing least-privilege permissions so sensitive configuration files are not web-accessible even if a validation mistake occurs.

The correct answer is D, Network traversal. In CEH system hacking and post-exploitation concepts, lateral movement refers to an attacker moving across a compromised environment from one host, account, or resource to another. After gaining initial access, the attacker may enumerate systems, harvest credentials, abuse trust relationships, access shared resources, or use remote administration protocols to reach additional machines. The uploaded hacking methodology material describes the “takeover” phase as expanding control from a single host to other hosts in the network, which directly aligns with lateral movement. Pivoting is closely related, but it is more accurately a technique used to route traffic through a compromised system to reach otherwise inaccessible networks. Privilege escalation means increasing permissions on a system, and data exfiltration means stealing or transferring data out of the environment. Since the question asks what lateral movement is, the most precise answer is network traversal.

CEH v13 follows the Incident Response Lifecycle, which prioritizes identification and analysis before containment, unless there is immediate risk of catastrophic damage. In this scenario, the attacker has escalated privileges, but the organization still needs to understand what actions are being taken, what systems are affected, and whether lateral movement is occurring.

Option C aligns with CEH v13 best practices. Real-time monitoring and documentation allow analysts to:

Identify attacker techniques and tools

Preserve volatile evidence

Understand scope and impact

Implement targeted containment

Immediately powering down the server (Option B) may destroy volatile forensic evidence and disrupt services unnecessarily. Engaging forensic teams (Option A) is important but premature without initial analysis. Running vulnerability scans (Option D) does not address the active threat.

CEH v13 stresses that informed containment is more effective than reactive shutdowns. Therefore, Option C is correct.

CEH v13 outlines a structured approach to vulnerability assessment and exploitation. After identifying a high-severity vulnerability, the next critical step is verification and research, not immediate exploitation. This ensures accuracy, reduces false positives, and avoids unnecessary risk. CEH emphasizes that testers must validate vulnerability details, confirm version applicability, assess exploit availability (e.g., Metasploit, Exploit-DB), and evaluate potential impact. Attempting DoS attacks (Option A) is prohibited unless explicitly scoped and does not align with responsible testing. Brute-force attacks (Option B) are unrelated to software version vulnerabilities. Ignoring the issue (Option D) violates CEH methodology. The correct process is to research and verify—ensuring exploitation is safe, relevant, and authorized. This aligns with CEH’s vulnerability management lifecycle: discovery → verification → prioritization → exploitation (when allowed) → reporting.