1. Home
  2. EC-COUNCIL
  3. 312-50

Certified Ethical Hacker

Exam Details

  • Exam Code
    :312-50
  • Exam Name
    :Certified Ethical Hacker
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :614 Q&As
  • Last Updated
    :Apr 16, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50 Questions & Answers

  • Question 671:

    Most cases of insider abuse can be traced to individuals who are introverted, incapable of dealing with stress or conflict, and frustrated with their job, office politics, and lack of respect or promotion. Disgruntled employees may pass company

    secrets and intellectual property to competitors for monitory benefits.

    Here are some of the symptoms of a disgruntled employee,.

    These disgruntled employees are the biggest threat to enterprise security. How do you deal with these threats? (Select 2 answers)

    A. Frequently leaves work early, arrive late or call in sick

    B. Spends time surfing the Internet or on the phone

    C. Responds in a confrontational, angry, or overly aggressive way to simple requests or comments

    D. Always negative; finds fault with everything

    E. Limit access to the applications they can run on their desktop computers and enforce strict work hour rules

    F. By implementing Virtualization technology from the desktop to the data centre, organizations can isolate different environments with varying levels of access and security to various employees

    G. Organizations must ensure that their corporate data is centrally managed and delivered to users just and when needed

    H. Limit Internet access, e-mail communications, access to social networking sites and job hunting portals

  • Question 672:

    XSS attacks occur on Web pages that do not perform appropriate bounds checking on data entered by users. Characters like < > that mark the beginning/end of a tag should be converted into HTML entities.

    What is the correct code when converted to html entities?

    A. Option A

    B. Option B

    C. Option C

    D. Option D

  • Question 673:

    You want to capture Facebook website traffic in Wireshark. What display filter should you use that shows all TCP packets that contain the word 'facebook'?

    A. display==facebook

    B. traffic.content==facebook

    C. tcp contains facebook

    D. list.display.facebook

  • Question 674:

    David is a security administrator working in Boston. David has been asked by the office's manager to block all POP3 traffic at the firewall because he believes employees are spending too much time reading personal email. How can David block POP3 at the firewall?

    A. David can block port 125 at the firewall.

    B. David can block all EHLO requests that originate from inside the office.

    C. David can stop POP3 traffic by blocking all HELO requests that originate from inside the office.

    D. David can block port 110 to block all POP3 traffic.

  • Question 675:

    Cyber Criminals have long employed the tactic of masking their true identity. In IP spoofing, an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine,

    by "spoofing" the IP address of that machine.

    How would you detect IP spoofing?

    A. Check the IPID of the spoofed packet and compare it with TLC checksum. If the numbers match then it is spoofed packet

    B. Probe a SYN Scan on the claimed host and look for a response SYN/FIN packet, if the connection completes then it is a spoofed packet

    C. Turn on 'Enable Spoofed IP Detection' in Wireshark, you will see a flag tick if the packet is spoofed

    D. Sending a packet to the claimed host will result in a reply. If the TTL in the reply is not the same as the packet being checked then it is a spoofed packet

  • Question 676:

    Which Steganography technique uses Whitespace to hide secret messages?

    A. snow

    B. beetle

    C. magnet

    D. cat

  • Question 677:

    What is a sniffing performed on a switched network called?

    A. Spoofed sniffing

    B. Passive sniffing

    C. Direct sniffing

    D. Active sniffing

  • Question 678:

    A rootkit is a collection of tools (programs) that enable administrator-level access to a computer. This program hides itself deep into an operating system for malicious activity and is extremely difficult to detect. The malicious software operates in a stealth fashion by hiding its files, processes and registry keys and may be used to create a hidden directory or folder designed to keep out of view from a user's operating system and security software.

    What privilege level does a rootkit require to infect successfully on a Victim's machine?

    A. User level privileges

    B. Ring 3 Privileges

    C. System level privileges

    D. Kernel level privileges

  • Question 679:

    In what stage of Virus life does a stealth virus gets activated with the user performing certain actions such as running an infected program?

    A. Design

    B. Elimination

    C. Incorporation

    D. Replication

    E. Launch

    F. Detection

  • Question 680:

    A common technique for luring e-mail users into opening virus-launching attachments is to send messages that would appear to be relevant or important to many of their potential recipients. One way of accomplishing this feat is to make the virus-carrying messages appear to come from some type of business entity retailing sites, UPS, FEDEX, CITIBANK or a major provider of a common service.

    Here is a fraudulent e-mail claiming to be from FedEx regarding a package that could not be delivered. This mail asks the receiver to open an attachment in order to obtain the FEDEX tracking number for picking up the package. The attachment contained in this type of e-mail activates a virus.

    Vendors send e-mails like this to their customers advising them not to open any files attached with the mail, as they do not include attachments. Fraudulent e-mail and legit e-mail that arrives in your inbox contain the fedex.com as the sender of the mail.

    How do you ensure if the e-mail is authentic and sent from fedex.com?

    A. Verify the digital signature attached with the mail, the fake mail will not have Digital ID at all

    B. Check the Sender ID against the National Spam Database (NSD)

    C. Fake mail will have spelling/grammatical errors

    D. Fake mail uses extensive images, animation and flash content

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.