1. Home
  2. EC-COUNCIL
  3. 312-50V9

EC-Council Certified Ethical Hacker (C|EH v9)

Exam Details

  • Exam Code
    :312-50V9
  • Exam Name
    :EC-Council Certified Ethical Hacker (C|EH v9)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :614 Q&As
  • Last Updated
    :Apr 14, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50V9 Questions & Answers

  • Question 131:

    Which set of access control solutions implements two-factor authentication?

    A. USB token and PIN

    B. Fingerprint scanner and retina scanner

    C. Password and PIN

    D. Account and password

  • Question 132:

    Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?

    A. They are written in Java.

    B. They send alerts to security monitors.

    C. They use the same packet analysis engine.

    D. They use the same packet capture utility.

  • Question 133:

    Pentest results indicate that voice over IP traffic is traversing a network. Which of the following tools will decode a packet capture and extract the voice conversations?

    A. Cain

    B. John the Ripper

    C. Nikto

    D. Hping

  • Question 134:

    From the two screenshots below, which of the following is occurring?

    A. 10.0.0.253 is performing an IP scan against 10.0.0.0/24, 10.0.0.252 is performing a port scan against

    10.0.0.2.

    B. 10.0.0.253 is performing an IP scan against 10.0.0.2, 10.0.0.252 is performing a port scan against

    10.0.0.2.

    C. 10.0.0.2 is performing an IP scan against 10.0.0.0/24, 10.0.0.252 is performing a port scan against

    10.0.0.2.

    D. 10.0.0.252 is performing an IP scan against 10.0.0.2, 10.0.0.252 is performing a port scan against

    10.0.0.2.

  • Question 135:

    Which type of intrusion detection system can monitor and alert on attacks, but cannot stop them?

    A. Detective

    B. Passive

    C. Intuitive

    D. Reactive

  • Question 136:

    An organization hires a tester to do a wireless penetration test. Previous reports indicate that the last test did not contain management or control packets in the submitted traces. Which of the following is the most likely reason for lack of management or control packets?

    A. The wireless card was not turned on.

    B. The wrong network card drivers were in use by Wireshark.

    C. On Linux and Mac OS X, only 802.11 headers are received in promiscuous mode.

    D. Certain operating systems and adapters do not collect the management or control packets.

  • Question 137:

    When an alert rule is matched in a network-based IDS like snort, the IDS does which of the following?

    A. Drops the packet and moves on to the next one

    B. Continues to evaluate the packet until all rules are checked

    C. Stops checking rules, sends an alert, and lets the packet continue

    D. Blocks the connection with the source IP address in the packet

  • Question 138:

    The network administrator for a company is setting up a website with e-commerce capabilities. Packet sniffing is a concern because credit card information will be sent electronically over the Internet. Customers visiting the site will need to encrypt the data with HTTPS. Which type of certificate is used to encrypt and decrypt the data?

    A. Asymmetric

    B. Confidential

    C. Symmetric

    D. Non-confidential

  • Question 139:

    What is the main advantage that a network-based IDS/IPS system has over a host-based solution?

    A. They do not use host system resources.

    B. They are placed at the boundary, allowing them to inspect all traffic.

    C. They are easier to install and configure.

    D. They will not interfere with user interfaces.

  • Question 140:

    The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following vulnerabilities?

    A. An attacker, working slowly enough, can evade detection by the IDS.

    B. Network packets are dropped if the volume exceeds the threshold.

    C. Thresholding interferes with the IDS' ability to reassemble fragmented packets.

    D. The IDS will not distinguish among packets originating from different sources.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V9 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.