1. Home
  2. EC-COUNCIL
  3. 312-50

Certified Ethical Hacker

Exam Details

  • Exam Code
    :312-50
  • Exam Name
    :Certified Ethical Hacker
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :614 Q&As
  • Last Updated
    :Apr 16, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50 Questions & Answers

  • Question 661:

    This tool is widely used for ARP Poisoning attack. Name the tool.

    A. Cain and Able

    B. Beat Infector

    C. Poison Ivy

    D. Webarp Infector

  • Question 662:

    Attacking well-known system defaults is one of the most common hacker attacks. Most software is shipped with a default configuration that makes it easy to install and setup the application. You should change the default settings to secure the system.

    Which of the following is NOT an example of default installation?

    A. Many systems come with default user accounts with well-known passwords that administrators forget to change

    B. Often, the default location of installation files can be exploited which allows a hacker to retrieve a file from the system

    C. Many software packages come with "samples" that can be exploited, such as the sample programs on IIS web services

    D. Enabling firewall and anti-virus software on the local system

  • Question 663:

    Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea with her friends. These friends frequently go out to sea to follow and harass fishing fleets that illegally fish in foreign waters. Ursula eventually wants to put companies practicing illegal fishing out of business. Ursula decides to hack into the parent company's computers and destroy critical data knowing fully well that, if caught, she probably would be sent to jail for a very long time. What would Ursula be considered?

    A. Ursula would be considered a gray hat since she is performing an act against illegal activities.

    B. She would be considered a suicide hacker.

    C. She would be called a cracker.

    D. Ursula would be considered a black hat.

  • Question 664:

    Steven the hacker realizes the network administrator of Acme Corporation is using syskey in Windows 2008 Server to protect his resources in the organization. Syskey independently encrypts the hashes so that physical access to the server, tapes, or ERDs is only first step to cracking the passwords. Steven must break through the encryption used by syskey before he can attempt to use brute force dictionary attacks on the hashes. Steven runs a program called "SysCracker" targeting the Windows 2008 Server machine in attempting to crack the hash used by Syskey. He needs to configure the encryption level before he can launch the attack. How many bits does Syskey use for encryption?

    A. 40-bit encryption

    B. 128-bit encryption

    C. 256-bit encryption

    D. 64-bit encryption

  • Question 665:

    What is War Dialing?

    A. War dialing involves the use of a program in conjunction with a modem to penetrate the modem/PBX-based systems

    B. War dialing is a vulnerability scanning technique that penetrates Firewalls

    C. It is a social engineering technique that uses Phone calls to trick victims

    D. Involves IDS Scanning Fragments to bypass Internet filters and stateful Firewalls

  • Question 666:

    Attackers target HINFO record types stored on a DNS server to enumerate information. These are information records and potential source for reconnaissance. A network administrator has the option of entering host information specifically the CPU type and operating system when creating a new DNS record. An attacker can extract this type of information easily from a DNS server.

    Which of the following commands extracts the HINFO record?

    A. Option A

    B. Option B

    C. Option C

    D. Option D

  • Question 667:

    Web servers often contain directories that do not need to be indexed. You create a text file with search engine indexing restrictions and place it on the root directory of the Web Server.

    User-agent: * Disallow: /images/ Disallow: /banners/ Disallow: /Forms/ Disallow: /Dictionary/ Disallow: /_borders/ Disallow: /_fpclass/ Disallow: /_overlay/ Disallow: /_private/ Disallow: /_themes/

    What is the name of this file?

    A. robots.txt

    B. search.txt

    C. blocklist.txt

    D. spf.txt

  • Question 668:

    Maintaining a secure Web server requires constant effort, resources, and vigilance from an organization. Securely administering a Web server on a daily basis is an essential aspect of Web server security.

    Maintaining the security of a Web server will usually involve the following steps:

    1.

    Configuring, protecting, and analyzing log files

    2.

    Backing up critical information frequently

    3.

    Maintaining a protected authoritative copy of the organization's Web content

    4.

    Establishing and following procedures for recovering from compromise

    5.

    Testing and applying patches in a timely manner

    6.

    Testing security periodically.

    In which step would you engage a forensic investigator?

    A. 1

    B. 2

    C. 3

    D. 4

    E. 5

    F. 6

  • Question 669:

    What type of Trojan is this?

    A. RAT Trojan

    B. E-Mail Trojan

    C. Defacement Trojan

    D. Destructing Trojan

    E. Denial of Service Trojan

  • Question 670:

    Fake Anti-Virus, is one of the most frequently encountered and persistent threats on the web. This malware uses social engineering to lure users into infected websites with a technique called Search Engine Optimization.

    Once the Fake AV is downloaded into the user's computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats.

    The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is made.

    What is the risk of installing Fake AntiVirus?

    A. Victim's Operating System versions, services running and applications installed will be published on Blogs and Forums

    B. Victim's personally identifiable information such as billing address and credit card details, may be extracted and exploited by the attacker

    C. Once infected, the computer will be unable to boot and the Trojan will attempt to format the hard disk

    D. Denial of Service attack will be launched against the infected computer crashing other machines on the connected network

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.