Exam Details

  • Exam Code: 312-50V11
  • Exam Name: EC-Council Certified Ethical Hacker (C|EH v11)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 528 Q&As
  • Last Updated: Apr 17, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

  • Question 191:

    A post-breach forensic investigation revealed that a known vulnerability in Apache Struts was to blame for the Equifax data breach that affected 143 million customers. A fix was available from the software vendor for several months prior to the intrusion. This is likely a failure in which of the following security processes?

    A. Vendor risk management

    B. Security awareness training

    C. Secure deployment lifecycle

    D. Patch management

  • Question 192:

    This type of injection attack does not show any error message. It is difficult to exploit as it returns information when the application is given SQL payloads that elicit a true or false response from the server. By observing the response, an attacker can extract sensitive information. What type of attack is this?

    A. Time-based SQL injection

    B. Union SQL injection

    C. Error-based SQL injection

    D. Blind SQL injection

  • Question 193:

    Alice needs to send a confidential document to her coworker, Bryan. Their company has public key infrastructure set up. Therefore, Alice both encrypts the message and digitally signs it. Alice uses _______ to encrypt the message, and Bryan uses _______ to confirm the digital signature.

    A. Bryan's public key; Bryan's public key

    B. Alice's public key; Alice's public key

    C. Bryan's private key; Alice's public key

    D. Bryan's public key; Alice's public key

  • Question 194:

    In this attack, a victim receives an e-mail claiming to be from PayPal, stating that their account has been disabled and that confirmation is required before activation. The attackers then use the scam to collect not one but two credit card numbers, the ATM PIN and other personal details. Ignorant users usually fall prey to this scam.

    Which of the following statements is incorrect with regard to this attack?

    A. Do not reply to email messages or popup ads asking for personal or financial information

    B. Do not trust telephone numbers in e-mails or popup ads

    C. Review credit card and bank account statements regularly

    D. Antivirus, anti-spyware, and firewall software can very easily detect these types of attacks

    E. Do not send credit card numbers, and personal or financial information via e-mail

  • Question 195:

    Dorian is sending a digitally signed email to Polly. With which key is Dorian signing this message, and how is Polly validating it?

    A. Dorian is signing the message with his public key, and Polly will verify that the message came from Dorian by using Dorian's private key.

    B. Dorian is signing the message with Polly's public key, and Polly will verify that the message came from Dorian by using Dorian's public key.

    C. Dorian is signing the message with his private key, and Polly will verify that the message came from Dorian by using Dorian's public key.

    D. Dorian is signing the message with Polly's private key, and Polly will verify that the message came from Dorian by using Dorian's public key.

  • Question 196:

    Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session-oriented connections (Telnet) and performs sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?

    A. Take over the session

    B. Reverse sequence prediction

    C. Guess the sequence numbers

    D. Take one of the parties offline

  • Question 197:

    Which of the following tools can be used for passive OS fingerprinting?

    A. nmap

    B. tcpdump

    C. tracert

    D. ping

  • Question 198:

    Which iOS jailbreaking technique patches the kernel during the device boot so that it becomes jailbroken after each successive reboot?

    A. Tethered jailbreaking

    B. Semi-tethered jailbreaking

    C. Untethered jailbreaking

    D. Semi-untethered jailbreaking

  • Question 199:

    When conducting a penetration test, it is crucial to use all means to get all available information about the target network. One of the ways to do that is by sniffing the network. Which of the following cannot be performed by passive network sniffing?

    A. Identifying operating systems, services, protocols and devices

    B. Modifying and replaying captured network traffic

    C. Collecting unencrypted information about usernames and passwords

    D. Capturing network traffic for further analysis

  • Question 200:

    The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the Central Processing Unit (CPU), rather than passing only the frames that the controller is intended to receive. Which of the following is being described?

    A. Multi-cast mode

    B. Promiscuous mode

    C. WEM

    D. Port forwarding
