1. Home
  2. EC-COUNCIL
  3. 312-50

Certified Ethical Hacker

Exam Details

  • Exam Code
    :312-50
  • Exam Name
    :Certified Ethical Hacker
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :614 Q&As
  • Last Updated
    :Apr 16, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50 Questions & Answers

  • Question 651:

    A Trojan horse is a destructive program that masquerades as a benign application. The software initially appears to perform a desirable function for the user prior to installation and/or execution, but in addition to the expected function steals information or harms the system.

    The challenge for an attacker is to send a convincing file attachment to the victim, which gets easily executed on the victim machine without raising any suspicion. Today's end users are quite knowledgeable about malwares and viruses. Instead of sending games and fun executables, Hackers today are quite successful in spreading the Trojans using Rogue security software.

    What is Rogue security software?

    A. A flash file extension to Firefox that gets automatically installed when a victim visits rogue software disabling websites

    B. A Fake AV program that claims to rid a computer of malware, but instead installs spyware or other malware onto the computer. This kind of software is known as rogue security software.

    C. A Fake AV program that claims to rid a computer of malware, but instead installs spyware or other malware onto the computer. This kind of software is known as rogue security software.

    D. A Fake AV program that claims to rid a computer of malware, but instead installs spyware or other malware onto the computer. This kind of software is known as rogue security software.

    E. Rogue security software is based on social engineering technique in which the attackers lures victim to visit spear phishing websites

    F. This software disables firewalls and establishes reverse connecting tunnel between the victim's machine and that of the attacker

  • Question 652:

    You are the CIO for Avantes Finance International, a global finance company based in Geneva. You are responsible for network functions and logical security throughout the entire corporation. Your company has over 250 servers running Windows Server, 5000 workstations running Windows Vista, and 200 mobile users working from laptops on Windows 7.

    Last week, 10 of your company's laptops were stolen from salesmen while at a conference in Amsterdam. These laptops contained proprietary company information. While doing damage assessment on the possible public relations nightmare this may become, a news story leaks about the stolen laptops and also that sensitive information from those computers was posted to a blog online.

    What built-in Windows feature could you have implemented to protect the sensitive information on these laptops?

    A. You should have used 3DES which is built into Windows

    B. If you would have implemented Pretty Good Privacy (PGP) which is built into Windows, the sensitive information on the laptops would not have leaked out

    C. You should have utilized the built-in feature of Distributed File System (DFS) to protect the sensitive information on the laptops

    D. You could have implemented Encrypted File System (EFS) to encrypt the sensitive files on the laptops

  • Question 653:

    Lori was performing an audit of her company's internal Sharepoint pages when she came across the following code: What is the purpose of this code?

    A. This JavaScript code will use a Web Bug to send information back to another server.

    B. This code snippet will send a message to a server at 192.154.124.55 whenever the "escape" key is pressed.

    C. This code will log all keystrokes.

    D. This bit of JavaScript code will place a specific image on every page of the RSS feed.

  • Question 654:

    Which of the following statement correctly defines ICMP Flood Attack? (Select 2 answers) A. Bogus ECHO reply packets are flooded on the network spoofing the IP and MAC address

    B. The ICMP packets signal the victim system to reply and the combination of traffic saturates the bandwidth of the victim's network

    C. ECHO packets are flooded on the network saturating the bandwidth of the subnet causing denial of service

    D. A DDoS ICMP flood attack occurs when the zombies send large volumes of ICMP_ECHO_REPLY packets to the victim system.

  • Question 655:

    Bob has set up three web servers on Windows Server 2008 IIS 7.0. Bob has followed all the recommendations for securing the operating system and IIS. These servers are going to run numerous e-commerce websites that are projected to bring in thousands of dollars a day. Bob is still concerned about the security of these servers because of the potential for financial loss. Bob has asked his company's firewall administrator to set the firewall to inspect all incoming traffic on ports 80 and 443 to ensure that no malicious data is getting into the network.

    Why will this not be possible?

    A. Firewalls cannot inspect traffic coming through port 443

    B. Firewalls can only inspect outbound traffic

    C. Firewalls cannot inspect traffic at all, they can only block or allow certain ports

    D. Firewalls cannot inspect traffic coming through port 80

  • Question 656:

    Which of the following tool would be considered as Signature Integrity Verifier (SIV)?

    A. Nmap

    B. SNORT

    C. VirusSCAN

    D. Tripwire

  • Question 657:

    Attackers footprint target Websites using Google Hacking techniques. Google hacking is a term that refers to the art of creating complex search engine queries. It detects websites that are vulnerable to numerous exploits and vulnerabilities. Google operators are used to locate specific strings of text within the search results. The configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database. WordPress uses config.php that stores the database Username and Password. Which of the below Google search string brings up sites with "config.php" files?

    A. Search:index config/php

    B. Wordpress:index config.php

    C. intitle:index.of config.php

    D. Config.php:index list

  • Question 658:

    One of the effective DoS/DDoS countermeasures is 'Throttling'. Which statement correctly defines this term?

    A. Set up routers that access a server with logic to adjust incoming traffic to levels that will be safe for the server to process

    B. Providers can increase the bandwidth on critical connections to prevent them from going down in the event of an attack

    C. Replicating servers that can provide additional failsafe protection

    D. Load balance each server in a multiple-server architecture

  • Question 659:

    You receive an e-mail with the following text message.

    "Microsoft and HP today warned all customers that a new, highly dangerous virus has been discovered which will erase all your files at midnight. If there's a file called hidserv.exe on your computer, you have been infected and your computer

    is now running a hidden server that allows hackers to access your computer. Delete the file immediately. Please also pass this message to all your friends and colleagues as soon as possible."

    You launch your antivirus software and scan the suspicious looking file hidserv.exe located in

    c:\windows directory and the AV comes out clean meaning the file is not infected. You view the file signature and confirm that it is a legitimate Windows system file "Human Interface Device Service".

    What category of virus is this?

    A. Virus hoax

    B. Spooky Virus

    C. Stealth Virus

    D. Polymorphic Virus

  • Question 660:

    BankerFox is a Trojan that is designed to steal users' banking data related to certain banking entities.

    When they access any website of the affected banks through the vulnerable Firefox 3.5 browser, the Trojan is activated and logs the information entered by the user. All the information entered in that website will be logged by the Trojan and

    transmitted to the attacker's machine using covert channel.

    BankerFox does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer.

    What is the most efficient way an attacker located in remote location to infect this banking Trojan on a victim's machine?

    A. Physical access - the attacker can simply copy a Trojan horse to a victim's hard disk infecting the machine via Firefox add-on extensions

    B. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

    C. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

    D. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

    E. Downloading software from a website? An attacker can offer free software, such as shareware programs and pirated mp3 files

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.