Exam Details

  • Exam Code: 312-50V10
  • Exam Name: EC-Council Certified Ethical Hacker (C|EH v10)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 747 Q&As
  • Last Updated: Apr 14, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50V10 Questions & Answers

  • Question 311:

    A well-intentioned researcher discovers a vulnerability on the web site of a major corporation. What should he do?

    A. Ignore it.

    B. Try to sell the information to a well-paying party on the dark web.

    C. Notify the web site owner so that corrective action can be taken as soon as possible to patch the vulnerability.

    D. Exploit the vulnerability without harming the web site owner so that attention is drawn to the problem.

  • Question 312:

    Ricardo wants to send secret messages to a competitor company. To secure these messages, he uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'.

    What technique is Ricardo using?

    A. Steganography

    B. Public-key cryptography

    C. RSA algorithm

    D. Encryption

  • Question 313:

    The chance of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1 (100%).

    What is the closest approximate cost of this replacement and recovery operation per year?

    A. $146

    B. $1320

    C. $440

    D. $100

  • Question 314:

    Which of the following is a low-tech way of gaining unauthorized access to systems?

    A. Social Engineering

    B. Sniffing

    C. Eavesdropping

    D. Scanning

  • Question 315:

    Sid is a judge for a programming contest. Before the code reaches him, it goes through a restricted OS and is tested there. If it passes, it moves on to Sid. What is this middle step called?

    A. Fuzzy-testing the code

    B. Third party running the code

    C. Sandboxing the code

    D. String validating the code

  • Question 316:

    Which tier in the N-tier application architecture is responsible for moving and processing data between the tiers?

    A. Application Layer

    B. Data tier

    C. Presentation tier

    D. Logic tier

  • Question 317:

    An attacker gains access to a Web server's database and displays the contents of the table that holds all of the names, passwords, and other user information. The attacker did this by entering information into the Web site's user login page that the software's designers did not expect to be entered. This is an example of what kind of software design problem?

    A. Insufficient input validation

    B. Insufficient exception handling

    C. Insufficient database hardening

    D. Insufficient security management

  • Question 318:

    What mechanism in Windows prevents a user from accidentally executing a potentially malicious batch (.bat) or PowerShell (.ps1) script?

    A. User Access Control (UAC)

    B. Data Execution Prevention (DEP)

    C. Address Space Layout Randomization (ASLR)

    D. Windows firewall

  • Question 319:

    To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program.

    What term is commonly used when referring to this type of testing?

    A. Fuzzing

    B. Randomizing

    C. Mutating

    D. Bounding

  • Question 320:

    The company ABC recently contracted a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and will then be sent to the accountant, but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. Which of the following options can be useful to ensure the integrity of the data?

    A. The document can be sent to the accountant using an exclusive USB for that document.

    B. The CFO can use a hash algorithm on the document once he has approved the financial statements.

    C. The financial statements can be sent twice, once by email and once delivered on USB, and the accountant can compare both to be sure they are the same document.

    D. The CFO can use an Excel file with a password.
