1. Home
  2. EC-COUNCIL
  3. 312-50V10

EC-Council Certified Ethical Hacker (C|EH v10)

Exam Details

  • Exam Code
    :312-50V10
  • Exam Name
    :EC-Council Certified Ethical Hacker (C|EH v10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :747 Q&As
  • Last Updated
    :Apr 14, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50V10 Questions & Answers

  • Question 291:

    Which of the following types of firewalls ensures that the packets are part of the established session?

    A. Stateful inspection firewall

    B. Circuit-level firewall

    C. Application-level firewall

    D. Switch-level firewall

  • Question 292:

    The "gray box testing" methodology enforces what kind of restriction?

    A. The internal operation of a system is only partly accessible to the tester.

    B. The internal operation of a system is completely known to the tester.

    C. Only the external operation of a system is accessible to the tester.

    D. Only the internal operation of a system is known to the tester.

  • Question 293:

    What two conditions must a digital signature meet?

    A. Has to be unforgeable, and has to be authentic.

    B. Has to be legible and neat.

    C. Must be unique and have special characters.

    D. Has to be the same number of characters as a physical signature and must be unique.

  • Question 294:

    Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?

    A. A biometric system that bases authentication decisions on behavioral attributes.

    B. A biometric system that bases authentication decisions on physical attributes.

    C. An authentication system that creates one-time passwords that are encrypted with secret keys.

    D. An authentication system that uses passphrases that are converted into virtual passwords.

  • Question 295:

    In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case.

    Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system that you already know the credentials for. It was written by sysinternals and has been integrated within the framework. Often as penetration testers, successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbowtables to crack those hash values.

    Which of the following is true hash type and sort order that is using in the psexec module's 'smbpass'?

    A. NT:LM

    B. LM:NT

    C. LM:NTLM

    D. NTLM:LM

  • Question 296:

    In many states sending spam is illegal. Thus, the spammers have techniques to try and ensure that no one knows they sent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide the origin of these types of e- mails?

    A. A blacklist of companies that have their mail server relays configured to allow traffic only to their specific domain name.

    B. Mail relaying, which is a technique of bouncing e-mail from internal to external mails servers continuously.

    C. A blacklist of companies that have their mail server relays configured to be wide open.

    D. Tools that will reconfigure a mail server's relay component to send the e-mail back to the spammers occasionally.

  • Question 297:

    Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?

    A. msfpayload

    B. msfcli

    C. msfencode

    D. msfd

  • Question 298:

    An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network's external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file.

    What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?

    A. Protocol analyzer

    B. Intrusion Prevention System (IPS)

    C. Network sniffer

    D. Vulnerability scanner

  • Question 299:

    Look at the following output. What did the hacker accomplish?

    A. The hacker used whois to gather publicly available records for the domain.

    B. The hacker used the "fierce" tool to brute force the list of available domains.

    C. The hacker listed DNS records on his own domain.

    D. The hacker successfully transferred the zone and enumerated the hosts.

  • Question 300:

    In order to have an anonymous Internet surf, which of the following is best choice?

    A. Use SSL sites when entering personal information

    B. Use Tor network with multi-node

    C. Use shared WiFi

    D. Use public VPN

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.