312-50 Exam Details

  • Exam Code: 312-50
  • Exam Name: Certified Ethical Hacker
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 765 Q&As
  • Last Updated: May 31, 2026

EC-COUNCIL 312-50 Online Questions & Answers

  • Question 411:

    Access control is often implemented through the use of MAC address filtering on wireless Access Points. Why is this considered to be a very limited security measure?

    A. Vendors' MAC address assignment is published on the Internet.
    B. The MAC address is not a real random number.
    C. The MAC address is broadcast and can be captured by a sniffer.
    D. The MAC address is used properly only on Macintosh computers.

  • Question 412:

    This is an authentication method that is used to prove that a party knows a password without transmitting the password in any recoverable form over a network. This authentication is secure because the password is never transmitted over the network, even in hashed form; only a random number and an encrypted random number are sent.

    A. Realm Authentication
    B. SSL Authentication
    C. Basic Form Authentication
    D. Cryptographic Authentication
    E. Challenge/Response Authentication

  • Question 413:

    Sara is making use of Digest Authentication for her Web site. Why is this considered to be more secure than Basic authentication?

    A. Basic authentication is broken
    B. The password is never sent in clear text over the network
    C. The password sent in clear text over the network is never reused.
    D. It is based on Kerberos authentication protocol

  • Question 414:

    What is the name of the software tool used to crack a single account on Netware Servers using a dictionary attack?

    A. NPWCrack
    B. NWPCrack
    C. NovCrack
    D. CrackNov
    E. GetCrack

  • Question 415:

    You are the CIO for Avantes Finance International, a global finance company based in Geneva. You are responsible for network functions and logical security throughout the entire corporation. Your company has over 250 servers running Windows Server, 5000 workstations running Windows Vista, and 200 mobile users working from laptops on Windows 7.

    Last week, 10 of your company's laptops were stolen from salesmen while at a conference in Amsterdam. These laptops contained proprietary company information. While doing damage assessment on the possible public relations nightmare this may become, a news story leaks about the stolen laptops and also that sensitive information from those computers was posted to a blog online.

    What built-in Windows feature could you have implemented to protect the sensitive information on these laptops?

    A. You should have used 3DES which is built into Windows
    B. If you would have implemented Pretty Good Privacy (PGP) which is built into Windows, the sensitive information on the laptops would not have leaked out
    C. You should have utilized the built-in feature of Distributed File System (DFS) to protect the sensitive information on the laptops
    D. You could have implemented Encrypted File System (EFS) to encrypt the sensitive files on the laptops

  • Question 416:

    Exhibit:

    You are conducting a pen test against a company's website using SQL Injection techniques. You enter "anuthing or 1=1-" in the username field of an authentication form. This is the output returned from the server. What is the next step you should take?

    A. Identify the user context of the web application by running: http://www.example.com/order/include_rsa.asp?pressReleaseID=5 AND USER_NAME() = `dbo'
    B. Identify the database and table name by running: http://www.example.com/order/include_rsa.asp?pressReleaseID=5 AND ascii(lower(substring((SELECT TOP 1 name FROM sysobjects WHERE xtype='U'),1))) > 109
    C. Format the C: drive and delete the database by running: http://www.example.com/order/include_rsa.asp?pressReleaseID=5 AND xp_cmdshell `format c: /q /yes `; drop database myDB; -
    D. Reboot the web server by running: http://www.example.com/order/include_rsa.asp?pressReleaseID=5 AND xp_cmdshell `iisreset reboot'; -

  • Question 417:

    What does an ICMP (Code 13) message normally indicate?

    A. It indicates that the destination host is unreachable
    B. It indicates to the host that the datagram which triggered the source quench message will need to be re-sent
    C. It indicates that the packet has been administratively dropped in transit
    D. It is a request to the host to cut back the rate at which it is sending traffic to the Internet destination

  • Question 418:

    What type of session hijacking attack is shown in the exhibit?

    A. Cross-site scripting Attack
    B. SQL Injection Attack
    C. Token sniffing Attack
    D. Session Fixation Attack

  • Question 419:

    In this attack, a victim receives an e-mail claiming to be from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then run a scam to collect not one but two credit card numbers, an ATM PIN number and other personal details. Ignorant users usually fall prey to this scam.

    Which of the following statements about this attack is incorrect?

    A. Do not reply to email messages or popup ads asking for personal or financial information
    B. Do not trust telephone numbers in e-mails or popup ads
    C. Review credit card and bank account statements regularly
    D. Antivirus, anti-spyware, and firewall software can very easily detect these types of attacks
    E. Do not send credit card numbers, and personal or financial information via e-mail

  • Question 420:

    What does this symbol mean?

    A. Open Access Point
    B. WPA Encrypted Access Point
    C. WEP Encrypted Access Point
    D. Closed Access Point
