1. Home
  2. EC-COUNCIL
  3. 312-50V11

EC-Council Certified Ethical Hacker (C|EH v11)

Exam Details

  • Exam Code
    :312-50V11
  • Exam Name
    :EC-Council Certified Ethical Hacker (C|EH v11)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :528 Q&As
  • Last Updated
    :Apr 17, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

  • Question 351:

    You are performing a penetration test for a client and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the internal domain, if the DNS server is at

    192.168.10.2 and the domain name is abccorp.local, what command would you type at the nslookup prompt to attempt a zone transfer?

    A. list server=192.168.10.2 type=all

    B. is-d abccorp.local

    C. Iserver 192.168.10.2-t all

    D. List domain=Abccorp.local type=zone

  • Question 352:

    What is the proper response for a NULL scan if the port is open?

    A. SYN

    B. ACK

    C. FIN

    D. PSH

    E. RST

    F. No response

  • Question 353:

    Which of the following is the primary objective of a rootkit?

    A. It opens a port to provide an unauthorized service

    B. It creates a buffer overflow

    C. It replaces legitimate programs

    D. It provides an undocumented opening in a program

  • Question 354:

    Which definition among those given below best describes a covert channel?

    A. A server program using a port that is not well known.

    B. Making use of a protocol in a way it is not intended to be used.

    C. It is the multiplexing taking place on a communication link.

    D. It is one of the weak channels used by WEP which makes it insecure

  • Question 355:

    What is the purpose of DNS AAAA record?

    A. Authorization, Authentication and Auditing record

    B. Address prefix record

    C. Address database record

    D. IPv6 address resolution record

  • Question 356:

    To reach a bank web site, the traffic from workstations must pass through a firewall. You have been asked to review the firewall configuration to ensure that workstations in network 10.10.10.0/24 can only reach the bank web site 10.20.20.1 using https. Which of the following firewall rules meets this requirement?

    A. If (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit

    B. If (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 80 or 443) then permit

    C. If (source matches 10.20.20.1 and destination matches 10.10.10.0/24 and port matches 443) then permit

    D. If (source matches 10.10.10.0 and destination matches 10.20.20.1 and port matches 443) then permit

  • Question 357:

    What piece of hardware on a computer's motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible?

    A. CPU

    B. GPU

    C. UEFI

    D. TPM

  • Question 358:

    Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs:

    From the above list identify the user account with System Administrator privileges.

    A. John

    B. Rebecca

    C. Sheela

    D. Shawn

    E. Somia

    F. Chang

    G. Micah

  • Question 359:

    A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The "ps" command shows that the "nc" file is running as process, and the netstat command shows the "nc" process is listening on a network port.

    What kind of vulnerability must be present to make this remote attack possible?

    A. File system permissions

    B. Privilege escalation

    C. Directory traversal D. Brute force login

  • Question 360:

    You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c

    What is the hexadecimal value of NOP instruction?

    A. 0x60

    B. 0x80

    C. 0x70

    D. 0x90

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V11 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.