1. Home
  2. EC-COUNCIL
  3. 312-50

EC-COUNCIL 312-50 Online Practice Questions and Exam Preparation

312-50 Exam Details

  • Exam Code
    :312-50
  • Exam Name
    :Certified Ethical Hacker
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :765 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-50 Online Questions & Answers

  • Question 371:

    A zone file consists of which of the following Resource Records (RRs)?

    A. DNS, NS, AXFR, and MX records
    B. DNS, NS, PTR, and MX records
    C. SOA, NS, AXFR, and MX records
    D. SOA, NS, A, and MX records

  • Question 372:

    One of the ways to map a targeted network for live hosts is by sending an ICMP ECHO request to the broadcast or the network address. The request would be broadcasted to all hosts on the targeted network. The live hosts will send an ICMP ECHO Reply to the attacker's source IP address.

    You send a ping request to the broadcast address 192.168.5.255.

    There are 40 computers up and running on the target network. Only 13 hosts send a reply while others do not. Why?

    A. Windows machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address.
    B. Linux machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address.
    C. You should send a ping request with this command ping ? 192.168.5.0-255
    D. You cannot ping a broadcast address. The above scenario is wrong.

  • Question 373:

    In which of the following should be performed first in any penetration test?

    A. System identification
    B. Intrusion Detection System testing
    C. Passive information gathering
    D. Firewall testing

  • Question 374:

    ________ is an automated vulnerability assessment tool.

    A. Whack a Mole
    B. Nmap
    C. Nessus
    D. Kismet
    E. Jill32

  • Question 375:

    Study the following exploit code taken from a Linux machine and answer the questions below:

    echo "ingreslock stream tcp nowait root /bin/sh sh I" > /tmp/x; /usr/sbin/inetd s /tmp/x; sleep 10;

    /bin/ rm f /tmp/x AAAA...AAA

    In the above exploit code, the command "/bin/sh sh I" is given.

    What is the purpose, and why is `sh' shown twice?

    A. The command /bin/sh sh i appearing in the exploit code is actually part of an inetd configuration file.
    B. The length of such a buffer overflow exploit makes it prohibitive for user to enter manually.The second `sh' automates this function.
    C. It checks for the presence of a codeword (setting the environment variable) among the environment variables.
    D. It is a giveaway by the attacker that he is a script kiddy.

  • Question 376:

    An Evil Cracker is attempting to penetrate your private network security. To do this, he must not be seen by your IDS, as it may take action to stop him. What tool might he use to bypass the IDS? Select the best answer.

    A. Firewalk
    B. Manhunt
    C. Fragrouter
    D. Fragids

  • Question 377:

    Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company's entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here?

    A. Neil has used a tailgating social engineering attack to gain access to the offices
    B. He has used a piggybacking technique to gain unauthorized access
    C. This type of social engineering attack is called man trapping
    D. Neil is using the technique of reverse social engineering to gain access to the offices of Davidson Avionics

  • Question 378:

    This kind of attack will let you assume a users identity at a dynamically generated web page or site:

    A. SQL Injection
    B. Cross Site Scripting
    C. Session Hijacking
    D. Zone Transfer

  • Question 379:

    Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two.

    What would you call this attack?

    A. Interceptor
    B. Man-in-the-middle
    C. ARP Proxy
    D. Poisoning Attack

  • Question 380:

    You want to know whether a packet filter is in front of 192.168.1.10. Pings to 192.168.1.10 don't get answered. A basic nmap scan of 192.168.1.10 seems to hang without returning any information. What should you do next?

    A. Use NetScan Tools Pro to conduct the scan
    B. Run nmap XMAS scan against 192.168.1.10
    C. Run NULL TCP hping2 against 192.168.1.10
    D. The firewall is blocking all the scans to 192.168.1.10

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.