1. Home
  2. EC-COUNCIL
  3. 312-50V8

Certified Ethical Hacker v8

Exam Details

  • Exam Code
    :312-50V8
  • Exam Name
    :Certified Ethical Hacker v8
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1008 Q&As
  • Last Updated
    :Apr 15, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50V8 Questions & Answers

  • Question 261:

    Jason is the network administrator of Spears Technology. He has enabled SNORT IDS to detect attacks going through his network. He receives Snort SMS alerts on his iPhone whenever there is an attempted intrusion to his network.

    He receives the following SMS message during the weekend.

    An attacker Chew Siew sitting in Beijing, China had just launched a remote scan on Jason's network with the hping command.

    Which of the following hping2 command is responsible for the above snort alert?

    A. chenrocks:/home/siew # hping -S -R -P -A -F -U 192.168.2.56 -p 22 -c 5 -t 118

    B. chenrocks:/home/siew # hping -F -Q -J -A -C -W 192.168.2.56 -p 22 -c 5 -t 118

    C. chenrocks:/home/siew # hping -D -V -R -S -Z -Y 192.168.2.56 -p 22 -c 5 -t 118

    D. chenrocks:/home/siew # hping -G -T -H -S -L -W 192.168.2.56 -p 22 -c 5 -t 118

  • Question 262:

    In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on the network to gain access.

    A. Token Injection Replay attacks

    B. Shoulder surfing attack

    C. Rainbow and Hash generation attack

    D. Dumpster diving attack

  • Question 263:

    Johnny is a member of the hacking group Orpheus1. He is currently working on breaking into the Department of Defense's front end Exchange Server. He was able to get into the server, located in a DMZ, by using an unused service account that had a very weak password that he was able to guess. Johnny wants to crack the administrator password, but does not have a lot of time to crack it. He wants to use a tool that already has the LM hashes computed for all possible permutations of the administrator password.

    What tool would be best used to accomplish this?

    A. SMBCrack

    B. SmurfCrack

    C. PSCrack

    D. RainbowTables

  • Question 264:

    You have chosen a 22 character word from the dictionary as your password. How long will it take to crack the password by an attacker?

    A. 16 million years

    B. 5 minutes

    C. 23 days

    D. 200 years

  • Question 265:

    While testing web applications, you attempt to insert the following test script into the search area on the company's web site:

    Later, when you press the search button, a pop up box appears on your screen with the text "Testing

    Testing Testing".

    What vulnerability is detected in the web application here?

    A. Cross Site Scripting

    B. Password attacks

    C. A Buffer Overflow

    D. A hybrid attack

  • Question 266:

    What techniques would you use to evade IDS during a Port Scan? (Select 4 answers)

    A. Use fragmented IP packets

    B. Spoof your IP address when launching attacks and sniff responses from the server

    C. Overload the IDS with Junk traffic to mask your scan

    D. Use source routing (if possible)

    E. Connect to proxy servers or compromised Trojaned machines to launch attacks

  • Question 267:

    Bob was frustrated with his competitor, Brownies Inc., and decided to launch an attack that would result in serious financial losses. He planned the attack carefully and carried out the attack at the appropriate moment.

    Meanwhile, Trent, an administrator at Brownies Inc., realized that their main financial transaction server had been attacked. As a result of the attack, the server crashed and Trent needed to reboot the system, as no one was able to access the resources of the company. This process involves human interaction to fix it.

    What kind of Denial of Service attack was best illustrated in the scenario above?

    A. Simple DDoS attack

    B. DoS attacks which involves flooding a network or system

    C. DoS attacks which involves crashing a network or system

    D. DoS attacks which is done accidentally or deliberately

  • Question 268:

    What framework architecture is shown in this exhibit?

    A. Core Impact

    B. Metasploit

    C. Immunity Canvas

    D. Nessus

  • Question 269:

    Which of the following steganography utilities exploits the nature of white space and allows the user to conceal information in these white spaces?

    A. Image Hide

    B. Snow

    C. Gif-It-Up

    D. NiceText

  • Question 270:

    The programmers on your team are analyzing the free, open source software being used to run FTP services on a server in your organization. They notice that there is excessive number of functions in the source code that might lead to buffer overflow. These C++ functions do not check bounds. Identify the line in the source code that might lead to buffer overflow?

    A. 9A.9

    B. 17B.17

    C. 20C.20

    D. 32D.32

    E. 35E.35

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V8 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.