1. Home
  2. EC-COUNCIL
  3. 312-50

EC-COUNCIL 312-50 Online Practice Questions and Exam Preparation

312-50 Exam Details

  • Exam Code
    :312-50
  • Exam Name
    :Certified Ethical Hacker
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :765 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-50 Online Questions & Answers

  • Question 421:

    An employee wants to defeat detection by a network-based IDS application. He does not want to attack the system containing the IDS application. Which of the following strategies can be used to defeat detection by a network-based IDS application? (Choose the best answer)

    A. Create a network tunnel.
    B. Create a multiple false positives.
    C. Create a SYN flood.
    D. Create a ping flood.

  • Question 422:

    Clive is conducting a pen-test and has just port scanned a system on the network. He has identified the operating system as Linux and been able to elicit responses from ports 23, 25 and 53. He infers port 23 as running Telnet service, port 25 as running SMTP service and port 53 as running DNS service. The client confirms these findings and attests to the current availability of the services. When he tries to telnet to port 23 or 25, he gets a blank screen in response. On typing other commands, he sees only blank spaces or underscores symbols on the screen. What are you most likely to infer from this?

    A. The services are protected by TCP wrappers
    B. There is a honeypot running on the scanned machine
    C. An attacker has replaced the services with trojaned ones
    D. This indicates that the telnet and SMTP server have crashed

  • Question 423:

    Who is an Ethical Hacker?

    A. A person who hacks for ethical reasons
    B. A person who hacks for an ethical cause
    C. A person who hacks for defensive purposes
    D. A person who hacks for offensive purposes

  • Question 424:

    An SNMP scanner is a program that sends SNMP requests to multiple IP addresses, trying different community strings and waiting for a reply. Unfortunately SNMP servers don't respond to requests with invalid community strings and the underlying protocol does not reliably report closed ports. This means that 'no response' from the probed IP address can mean which of the following:

    (Select up to 3)

    A. Invalid community string
    B. S-AUTH protocol is running on the SNMP server
    C. Machine unreachable
    D. SNMP server not running

  • Question 425:

    What is the following command used for? net use \targetipc$ "" /u:""

    A. Grabbing the etc/passwd file
    B. Grabbing the SAM
    C. Connecting to a Linux computer through Samba.
    D. This command is used to connect as a null session
    E. Enumeration of Cisco routers

  • Question 426:

    Angela is trying to access an education website that requires a username and password to login. When Angela clicks on the link to access the login page, she gets an error message stating that the page can't be reached. She contacts the website's support team and they report that no one else is having any issues with the site. After handing the issue over to her company's IT department, it is found that the education website requires any computer accessing the site must be able to respond to a ping from the education's server. Since Angela's computer is behind a corporate firewall, her computer can't ping the education website back.

    What ca Angela's IT department do to get access to the education website?

    A. Change the IP on Angela's Computer to an address outside the firewall
    B. Change the settings on the firewall to allow all incoming traffic on port 80
    C. Change the settings on the firewall all outbound traffic on port 80
    D. Use a Internet browser other than the one that Angela is currently using

  • Question 427:

    What is a Trojan Horse?

    A. A malicious program that captures your username and password
    B. Malicious code masquerading as or replacing legitimate code
    C. An unauthorized user who gains access to your user database and adds themselves as a user
    D. A server that is to be sacrificed to all hacking attempts in order to log and monitor the hacking activity

  • Question 428:

    Identify SQL injection attack from the HTTP requests shown below:

    A. http://www.victim.com/example?accountnumber=67891andcreditamount=999999999
    B. http://www.xsecurity.com/cgiin/bad.cgi?foo=..%fc%80%80%80%80%af../bin/ls%20-al
    C. http://www.myserver.com/search.asp?lname=smith%27%3bupdate%20usertable%20set%20passwd %3d%27hAx0r%27%3b--%00
    D. http://www.myserver.com/script.php?mydata=%3cscript%20src=%22http%3a%2f %2fwww.yourserver.c0m%2fbadscript.js%22% 3e%3c%2fscript%3e

  • Question 429:

    Where should a security tester be looking for information that could be used by an attacker against an organization? (Select all that apply)

    A. CHAT rooms
    B. WHOIS database
    C. News groups
    D. Web sites
    E. Search engines
    F. Organization's own web site

  • Question 430:

    Bob is a Junior Administrator at ABC.com is searching the port number of POP3 in a file. The partial output of the file is look like:

    In which file he is searching?

    A. services
    B. protocols
    C. hosts
    D. resolve.conf

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.