Exam Details

  • Exam Code: 312-50V10
  • Exam Name: EC-Council Certified Ethical Hacker (C|EH v10)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 747 Q&As
  • Last Updated: Apr 14, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50V10 Questions & Answers

  • Question 281:

    In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personally identifiable information from its victims. What is the difference between pharming and phishing attacks?

    A. In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual website's domain name.

    B. Both pharming and phishing attacks are purely technical and are not considered forms of social engineering.

    C. Both pharming and phishing attacks are identical.

    D. In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual website's domain name.

  • Question 282:

    Which method of password cracking takes the most time and effort?

    A. Brute force

    B. Rainbow tables

    C. Dictionary attack

    D. Shoulder surfing

  • Question 283:

    The "black box testing" methodology enforces which kind of restriction?

    A. Only the external operation of a system is accessible to the tester.

    B. Only the internal operation of a system is known to the tester.

    C. The internal operation of a system is only partly accessible to the tester.

    D. The internal operation of a system is completely known to the tester.

  • Question 284:

    An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events does not match up.

    What is the most likely cause?

    A. The network devices are not all synchronized.

    B. Proper chain of custody was not observed while collecting the logs.

    C. The attacker altered or erased events from the logs.

    D. The security breach was a false positive.

  • Question 285:

    If executives are found liable for not properly protecting their company's assets and information systems, what type of law would apply in this situation?

    A. Civil

    B. International

    C. Criminal

    D. Common

  • Question 286:

    An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?

    A. Only using OSPFv3 will mitigate this risk.

    B. Make sure that legitimate network routers are configured to run routing protocols with authentication.

    C. Redirection of the traffic cannot happen unless the admin allows it explicitly.

    D. Disable all routing protocols and only use static routes.

  • Question 287:

    Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close.

    What just happened?

    A. Phishing

    B. Whaling

    C. Tailgating

    D. Masquerading

  • Question 288:

    Which of the following is designed to identify malicious attempts to penetrate systems?

    A. Intrusion Detection System

    B. Firewall

    C. Proxy

    D. Router

  • Question 289:

    What is correct about digital signatures?

    A. A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party.

    B. Digital signatures may be used in different documents of the same type.

    C. A digital signature cannot be moved from one signed document to another because it is a plain hash of the document content.

    D. Digital signatures are issued once for each user and can be used everywhere until they expire.

  • Question 290:

    You're doing an internal security audit and you want to find out what ports are open on all the servers. What is the best way to find out?

    A. Scan servers with Nmap

    B. Physically go to each server

    C. Scan servers with MBSA

    D. Telnet to every port on each server
