1. Home
  2. EC-COUNCIL
  3. 312-50

Certified Ethical Hacker

Exam Details

  • Exam Code
    :312-50
  • Exam Name
    :Certified Ethical Hacker
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :614 Q&As
  • Last Updated
    :Apr 16, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50 Questions & Answers

  • Question 641:

    Leesa is the senior security analyst for a publicly traded company. The IT department recently rolled out an intranet for company use only with information ranging from training, to holiday schedules, to human resources data. Leesa wants to make sure the site is not accessible from outside and she also wants to ensure the site is Sarbanes-Oxley (SOX) compliant. Leesa goes to a public library as she wants to do some Google searching to verify whether the company's intranet is accessible from outside and has been indexed by Google. Leesa wants to search for a website title of "intranet" with part of the URL containing the word "intranet" and the words "human resources" somewhere in the webpage.

    What Google search will accomplish this?

    A. related:intranet allinurl:intranet:"human resources"

    B. cache:"human resources" inurl:intranet(SharePoint)

    C. intitle:intranet inurl:intranet+intext:"human resources"

    D. site:"human resources"+intext:intranet intitle:intranet

  • Question 642:

    Jason is the network administrator of Spears Technology. He has enabled SNORT IDS to detect attacks going through his network. He receives Snort SMS alerts on his iPhone whenever there is an attempted intrusion to his network. He receives the following SMS message during the weekend.

    An attacker Chew Siew sitting in Beijing, China had just launched a remote scan on Jason's network with the hping command.

    Which of the following hping2 command is responsible for the above snort alert?

    A. chenrocks:/home/siew # hping -S -R -P -A -F -U 192.168.2.56 -p 22 -c 5 -t 118

    B. chenrocks:/home/siew # hping -F -Q -J -A -C -W 192.168.2.56 -p 22 -c 5 -t 118

    C. chenrocks:/home/siew # hping -D -V -R -S -Z -Y 192.168.2.56 -p 22 -c 5 -t 118

    D. chenrocks:/home/siew # hping -G -T -H -S -L -W 192.168.2.56 -p 22 -c 5 -t 118

  • Question 643:

    In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on the network to gain access.

    A. Token Injection Replay attacks

    B. Shoulder surfing attack

    C. Rainbow and Hash generation attack

    D. Dumpster diving attack

  • Question 644:

    What framework architecture is shown in this exhibit?

    A. Core Impact

    B. Metasploit

    C. Immunity Canvas

    D. Nessus

  • Question 645:

    What techniques would you use to evade IDS during a Port Scan? (Select 4 answers)

    A. Use fragmented IP packets

    B. Spoof your IP address when launching attacks and sniff responses from the server

    C. Overload the IDS with Junk traffic to mask your scan

    D. Use source routing (if possible)

    E. Connect to proxy servers or compromised Trojaned machines to launch attacks

  • Question 646:

    TCP packets transmitted in either direction after the initial three-way handshake will have which of the following bit set?

    A. SYN flag

    B. ACK flag

    C. FIN flag

    D. XMAS flag

  • Question 647:

    You are gathering competitive intelligence on an organization. You notice that they have jobs listed on a few Internet job-hunting sites. There are two jobs for network and system administrators. How can this help you in foot printing the organization?

    A. To learn about the IP range used by the target network

    B. To identify the number of employees working for the company

    C. To test the limits of the corporate security policy enforced in the company

    D. To learn about the operating systems, services and applications used on the network

  • Question 648:

    This method is used to determine the Operating system and version running on a remote target system. What is it called?

    A. Service Degradation

    B. OS Fingerprinting

    C. Manual Target System

    D. Identification Scanning

  • Question 649:

    Which of the following is NOT part of CEH Scanning Methodology?

    A. Check for Live systems

    B. Check for Open Ports

    C. Banner Grabbing

    D. Prepare Proxies

    E. Social Engineering attacks

    F. Scan for Vulnerabilities

    G. Draw Network Diagrams

  • Question 650:

    Lee is using Wireshark to log traffic on his network. He notices a number of packets being directed to an internal IP from an outside IP where the packets are ICMP and their size is around 65,536 bytes. What is Lee seeing here?

    A. Lee is seeing activity indicative of a Smurf attack.

    B. Most likely, the ICMP packets are being sent in this manner to attempt IP spoofing.

    C. Lee is seeing a Ping of death attack.

    D. This is not unusual traffic, ICMP packets can be of any size.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.