Suppose that you test an application for the SQL injection vulnerability. You know that the backend database
is based on Microsoft SQL Server. In the login/password form, you enter the following credentials:
Username: attack' or 1=1
Password: 123456
Based on the above credentials, which of the following SQL commands are you expecting to be executed by the server, if there is indeed an SQL injection vulnerability?
A. select * from Users where UserName = 'attack' ' or 1=1 -- and UserPassword = '123456'
B. select * from Users where UserName = 'attack' or 1=1 -- and UserPassword = '123456'
C. select * from Users where UserName = 'attack or 1=1 -- and UserPassword = '123456'
D. select * from Users where UserName = 'attack' or 1=1 --' and UserPassword = '123456'
Which of the following represents the initial two commands that an IRC client sends to join an IRC network?
A. USER, NICK
B. LOGIN, NICK
C. USER, PASS
D. LOGIN, USER
Judy created a forum. One day, she discovers that a user is posting strange images without writing comments.
She immediately calls a security expert, who discovers that the following code is hidden behind those images:
What issue occurred for the users who clicked on the image?
A. The code injects a new cookie into the browser.
B. The code redirects the user to another site.
C. The code is a virus that is attempting to gather the user's username and password.
D. This PHP file silently executes the code and grabs the user's session cookie and session ID.
From the following table, identify the wrong answer in terms of Range (ft).
Standard          Range (ft)
802.11a           150-150
802.11b           150-150
802.11g           150-150
802.16 (WiMax)    30 miles
A. 802.16 (WiMax)
B. 802.11g
C. 802.11b
D. 802.11a
What would be the purpose of running "wget 192.168.0.15 -q -S" against a web server?
A. Performing content enumeration on the web server to discover hidden folders
B. Using wget to perform banner grabbing on the webserver
C. Flooding the web server with requests to perform a DoS attack
D. Downloading all the contents of the web page locally for further examination
Which wireless security protocol replaces the personal pre-shared key (PSK) authentication with Simultaneous Authentication of Equals (SAE) and is therefore resistant to offline dictionary attacks?
A. WPA3-Personal
B. WPA2-Enterprise
C. Bluetooth
D. ZigBee
If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible?
A. Birthday
B. Brute force
C. Man-in-the-middle
D. Smurf
The network administrator at Spears Technology, Inc has configured the default gateway Cisco router's access-list as below:
You are hired to conduct security testing on their network.
You successfully brute-force the SNMP community string using an SNMP cracking tool.
The access-list configured at the router prevents you from establishing a successful connection.
You want to retrieve the Cisco configuration from the router. How would you proceed?
A. Use the Cisco's TFTP default password to connect and download the configuration file
B. Run a network sniffer and capture the returned traffic with the configuration file from the router
C. Run Generic Routing Encapsulation (GRE) tunneling protocol from your computer to the router masking your IP address
D. Send a customized SNMP set request with a spoofed source IP address in the range - 192.168.1.0
Techno Security Inc. recently hired John as a penetration tester. He was tasked with identifying open ports in the target network and determining whether the ports are online and whether any firewall rule sets are encountered. John decided to perform a TCP SYN ping scan on the target network. Which of the following Nmap commands must John use to perform the TCP SYN ping scan?
A. nmap -sn -pp <target IP address>
B. nmap -sn -PO <target IP address>
C. nmap -sn -PS <target IP address>
D. nmap -sn -PA <target IP address>
What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?
A. Copy the system files from a known good system
B. Perform a trap and trace
C. Delete the files and try to determine the source
D. Reload from a previous backup
E. Reload from known good media
Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only EC-COUNCIL exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 312-50V11 exam preparation and EC-COUNCIL certification application, do not hesitate to visit Vcedump.com to find your solutions.