Vce 312-50v13 Questions Latest

The correct answer is A. Website Mirroring.

The scenario describes downloading publicly accessible pages, scripts, media files, and directory references so the team can analyze the site offline. This is exactly website mirroring.

CEH-aligned material explains that mirroring a website means copying the entire website to a local system. The downloaded copy allows the tester to inspect directory structure and identify vulnerabilities in an offline environment, reducing repeated interaction with the live web server . The same material lists website mirroring tools such as WinHTTrack, SurfOffline, BlackWidow, Teleport Pro, Offline Explorer, and Wget .

Option B. Information Gathering is broader and can include many collection methods, but the specific activity described is local copying of site content.

Option C. Web Server Footprinting focuses more on server details such as banners, technologies, operating system, and architecture.

Option D. Vulnerability Scanning is incorrect because the team is not yet actively testing for known vulnerabilities.

Therefore, the best answer is A. Website Mirroring.

This scenario precisely matches polymorphic malware, a type of advanced malware described in CEH v13 Malware Threats. Polymorphic malware dynamically alters its code, encryption, or signature each time it propagates, allowing it to evade traditional signature-based antivirus detection.

Additionally, the malware’s ability to remain dormant until triggered indicates logic-based activation, which is common in advanced threats designed to avoid sandbox detection.

CEH v13 emphasizes that polymorphic malware cannot be reliably detected using static signatures. Instead, organizations must rely on behavior-based detection, heuristic analysis, and advanced threat protection systems capable of identifying suspicious runtime behavior.

Options A, C, and D do not match the described behavior. Adware focuses on advertising. Worms self-propagate aggressively. Rootkits focus on stealth and persistence, not code mutation.

Therefore, Option B is the correct answer.

In CEH v13 Mobile, IoT, and OT Hacking, Bluetooth Low Energy (BLE) attacks often involve capturing pairing exchanges. If the Long-Term Key (LTK) is not captured, decryption is not immediately possible.

CEH v13 explains that in such cases, attackers may attempt Btlejacking, which hijacks an existing BLE connection rather than decrypting it. This allows command injection and data manipulation without needing the LTK.

Options A and B are incorrect because decryption is not the only attack path. hcitool is for discovery, not exploitation. Therefore, Option D is correct.

The correct answer is D because world-writable cron directories allow unauthorized users or attackers to add or modify scheduled tasks. In Linux, cron is used to run commands or scripts automatically at defined times, and CEH-aligned material identifies crontab as the mechanism for listing scheduled jobs/tasks. If cron directories are writable by everyone, an attacker can place a malicious script or cron entry that repeatedly runs after compromise, after login, or after reboot. This supports the CEH system-hacking phase of maintaining access, also called persistence. The uploaded red-team reference specifically associates Linux “permanent access” with cron-based scheduled execution. Linux permissions are based on read, write, and execute rights, and overly permissive settings such as full access for all users create serious control weaknesses. This is not SQL injection or XSS because no web application input is involved. It is not primarily DoS. The best CEH answer is persistence.