1. Home
  2. EC-COUNCIL
  3. 312-50V11

EC-Council Certified Ethical Hacker (C|EH v11)

Exam Details

  • Exam Code
    :312-50V11
  • Exam Name
    :EC-Council Certified Ethical Hacker (C|EH v11)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :528 Q&As
  • Last Updated
    :Apr 17, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

  • Question 251:

    Bill has been hired as a penetration tester and cyber security auditor for a major credit card company. Which information security standard is most applicable to his role?

    A. FISMA

    B. HITECH

    C. PCI-DSS

    D. Sarbanes-OxleyAct

  • Question 252:

    Joseph was the Web site administrator for the Mason Insurance in New York, who's main Web site was located at www.masonins.com. Joseph uses his laptop computer regularly to administer the Web site. One night, Joseph received an urgent phone call from his friend, Smith. According to Smith, the main Mason Insurance web site had been vandalized! All of its normal content was removed and replaced with an attacker's message ''Hacker Message: You are dead! Freaks!" From his office, which was directly connected to Mason Insurance's internal network, Joseph surfed to the Web site using his laptop. In his browser, the Web site looked completely intact.

    No changes were apparent. Joseph called a friend of his at his home to help troubleshoot the problem. The Web site appeared defaced when his friend visited using his DSL connection. So, while Smith and his friend could see the defaced page, Joseph saw the intact Mason Insurance web site. To help make sense of this problem, Joseph decided to access the Web site using hisdial-up ISP. He disconnected his laptop from the corporate internal network and used his modem to dial up the same ISP used by Smith. After his modem connected, he quickly typed www.masonins.com in his browser to reveal the following web page:

    After seeing the defaced Web site, he disconnected his dial-up line, reconnected to the internal network, and used Secure Shell (SSH) to log in directly to the Web server. He ran Tripwire against the entire Web site, and determined that every system file and all the Web content on the server were intact. How did the attacker accomplish this hack?

    A. ARP spoofing

    B. SQL injection

    C. DNS poisoning

    D. Routing table injection

  • Question 253:

    Which of the following program infects the system boot sector and the executable files at the same time?

    A. Polymorphic virus

    B. Stealth virus

    C. Multipartite Virus

    D. Macro virus

  • Question 254:

    What is the most common method to exploit the "Bash Bug" or "Shellshock" vulnerability?

    A. SYN Flood

    B. SSH

    C. Through Web servers utilizing CGI (Common Gateway Interface) to send a malformed environment variable to a vulnerable Web server

    D. Manipulate format strings in text fields

  • Question 255:

    A hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part in coordinated attacks, or host junk email content. Which sort of trojan infects this server?

    A. Botnet Trojan

    B. Banking Trojans

    C. Turtle Trojans

    D. Ransomware Trojans

  • Question 256:

    Which of the following describes the characteristics of a Boot Sector Virus?

    A. Modifies directory table entries so that directory entries point to the virus code instead of the actual program.

    B. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR.

    C. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.

    D. Overwrites the original MBR and only executes the new virus code.

  • Question 257:

    Which command can be used to show the current TCP/IP connections?

    A. Netsh

    B. Netstat

    C. Net use connection

    D. Net use

  • Question 258:

    What type of analysis is performed when an attacker has partial knowledge of inner- workings of the application?

    A. Black-box

    B. Announced

    C. White-box

    D. Grey-box

  • Question 259:

    An attacker redirects the victim to malicious websites by sending them a malicious link by email. The link appears authentic but redirects the victim to a malicious web page, which allows the attacker to steal the victim's data. What type of attack is this?

    A. Phishing

    B. Vlishing

    C. Spoofing D. DDoS

  • Question 260:

    You are using a public Wi-Fi network inside a coffee shop. Before surfing the web, you use your VPN to prevent intruders from sniffing your traffic. If you did not have a VPN, how would you identify whether someone is performing an ARP spoofing attack on your laptop?

    A. You should check your ARP table and see if there is one IP address with two different MAC addresses.

    B. You should scan the network using Nmap to check the MAC addresses of all the hosts and look for duplicates.

    C. You should use netstat to check for any suspicious connections with another IP address within the LAN.

    D. You cannot identify such an attack and must use a VPN to protect your traffic, r

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V11 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.