Authentic ECCouncil Certification Exam 312-50v13 Questions Answers

Remote File Inclusion occurs when an application allows external resources to be loaded from user-controlled input. CEH teaches that an attacker can supply a remote URL pointing to a malicious script (for example, a PHP shell). When the vulnerable application includes this external file, the attacker's code executes on the server. This can lead to full system compromise, remote command execution, or lateral movement.

https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol

LDAP, the Lightweight Directory Access Protocol, is a mature, flexible, and well supported standards-based mechanism for interacting with directory servers. It’s often used for authentication and storing information about users, groups, and applications, but an LDAP directory server is a fairly general-purpose data store and can be used in a wide variety of applications.

The LDAP protocol can deal in quite a bit of sensitive data: Active Directory usernames, login attempts, failed-login notifications, and more. If attackers get ahold of that data in flight, they might be able to compromise data like legitimate AD credentials and use it to poke around your network in search of valuable assets.

Encrypting LDAP traffic in flight across the network can help prevent credential theft and other malicious activity, but it's not a failsafe—and if traffic is encrypted, your own team might miss the signs of an attempted attack in progress.

While LDAP encryption isn't standard, there is a nonstandard version of LDAP called Secure LDAP, also known as "LDAPS" or "LDAP over SSL" (SSL, or Secure Socket Layer, being the now-deprecated ancestor of Transport Layer Security).

LDAPS uses its own distinct network port to connect clients and servers. The default port for LDAP is port 389, but LDAPS uses port 636 and establishes TLS/SSL upon connecting with a client.

In CEH v13 Module 14: Cryptography, VPN (Virtual Private Network) technology is described as the method that allows users to securely transmit data over an insecure (public) network by establishing a secure, encrypted tunnel.

VPN Features:

Encrypts all traffic between the user's device and the target network.

Prevents session hijacking, eavesdropping, and man-in-the-middle (MITM) attacks.

Common protocols: IPSec, L2TP, SSL VPN, and OpenVPN.

Option Clarification:

A. DMZ: A network segmentation strategy, not an encryption method.

B. SMB signing: Ensures integrity for SMB protocol, but not for remote tunneling.

C. VPN: Correct. Used to securely tunnel over public networks.

D. Switch network: Refers to network segmentation using switches, unrelated to tunneling.