1. Home
  2. EC-COUNCIL
  3. 312-50V9

EC-Council Certified Ethical Hacker (C|EH v9)

Exam Details

  • Exam Code
    :312-50V9
  • Exam Name
    :EC-Council Certified Ethical Hacker (C|EH v9)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :614 Q&As
  • Last Updated
    :Apr 14, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50V9 Questions & Answers

  • Question 531:

    Which of the following commands runs snort in packet logger mode?

    A. ./snort -dev -h ./log

    B. ./snort -dev -l ./log

    C. ./snort -dev -o ./log

    D. ./snort -dev -p ./log

  • Question 532:

    Neil notices that a single address is generating traffic from its port 500 to port 500 of several other machines on the network. This scan is eating up most of the network bandwidth and Neil is concerned. As a security professional, what would you infer from this scan?

    A. It is a network fault and the originating machine is in a network loop

    B. It is a worm that is malfunctioning or hardcoded to scan on port 500

    C. The attacker is trying to detect machines on the network which have SSL enabled

    D. The attacker is trying to determine the type of VPN implementation and checking for IPSec

  • Question 533:

    A distributed port scan operates by:

    A. Blocking access to the scanning clients by the targeted host

    B. Using denial-of-service software against a range of TCP ports

    C. Blocking access to the targeted host by each of the distributed scanning clients

    D. Having multiple computers each scan a small number of ports, then correlating the results

  • Question 534:

    An nmap command that includes the host specification of 202.176.56-57.* will scan _______ number of hosts.

    B. 256

    C. 512

    D. Over 10, 000

  • Question 535:

    A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites.

    77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets

    had an ICMP ID:0 and Seq:0. What can you infer from this information?

    A. The packets were sent by a worm spoofing the IP addresses of 47 infected sites

    B. ICMP ID and Seq numbers were most likely set by a tool and not by the operating system

    C. All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number

    D. 13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0

  • Question 536:

    While performing ping scans into a target network you get a frantic call from the organization's security team. They report that they are under a denial of service attack. When you stop your scan, the smurf attack event stops showing up on the organization's IDS monitor.

    How can you modify your scan to prevent triggering this event in the IDS?

    A. Scan more slowly.

    B. Do not scan the broadcast IP.

    C. Spoof the source IP address.

    D. Only scan the Windows systems.

  • Question 537:

    You are manually conducting Idle Scanning using Hping2. During your scanning you notice that almost every query increments the IPID regardless of the port being queried. One or two of the queries cause the IPID to increment by more than one value. Why do you think this occurs?

    A. The zombie you are using is not truly idle.

    B. A stateful inspection firewall is resetting your queries.

    C. Hping2 cannot be used for idle scanning.

    D. These ports are actually open on the target system.

  • Question 538:

    While reviewing the result of scanning run against a target network you come across the following:

    Which among the following can be used to get this output?

    A. A Bo2k system query.

    B. nmap protocol scan

    C. A sniffer

    D. An SNMP walk

  • Question 539:

    Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately. Which organization coordinates computer crime investigations throughout the United States?

    A. NDCA

    B. NICP

    C. CIRP

    D. NPC

    E. CIA

  • Question 540:

    Name two software tools used for OS guessing? (Choose two.)

    A. Nmap

    B. Snadboy

    C. Queso

    D. UserInfo

    E. NetBus

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V9 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.