1. Home
  2. EC-COUNCIL
  3. 312-50

EC-COUNCIL 312-50 Online Practice Questions and Exam Preparation

312-50 Exam Details

  • Exam Code
    :312-50
  • Exam Name
    :Certified Ethical Hacker
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :765 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-50 Online Questions & Answers

  • Question 471:

    Which one of the following instigates a SYN flood attack?

    A. Generating excessive broadcast packets.
    B. Creating a high number of half-open connections.
    C. Inserting repetitive Internet Relay Chat (IRC) messages.
    D. A large number of Internet Control Message Protocol (ICMP) traces.

  • Question 472:

    The traditional traceroute sends out ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached. By printing the gateways that generate ICMP time exceeded messages along the way, it is able to determine the path packets take to reach the destination.

    The problem is that with the widespread use of firewalls on the Internet today, many of the packets that traceroute sends out end up being filtered, making it impossible to completely trace the path to the destination.

    How would you overcome the Firewall restriction on ICMP ECHO packets?

    A. Firewalls will permit inbound TCP packets to specific ports that hosts sitting behind the firewall are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.
    B. Firewalls will permit inbound UDP packets to specific ports that hosts sitting behind the firewall are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.
    C. Firewalls will permit inbound UDP packets to specific ports that hosts sitting behind the firewall are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.
    D. Do not use traceroute command to determine the path packets take to reach the destination instead use the custom hacking tool JOHNTHETRACER and run with the command
    E. \> JOHNTHETRACER www.eccouncil.org -F -evade

  • Question 473:

    David is a security administrator working in Boston. David has been asked by the office's manager to block all POP3 traffic at the firewall because he believes employees are spending too much time reading personal email. How can David block POP3 at the firewall?

    A. David can block port 125 at the firewall.
    B. David can block all EHLO requests that originate from inside the office.
    C. David can stop POP3 traffic by blocking all HELO requests that originate from inside the office.
    D. David can block port 110 to block all POP3 traffic.

  • Question 474:

    Bob has been hired to perform a penetration test on ABC.com. He begins by looking at IP address ranges owned by the company and details of domain name registration. He then goes to News Groups and financial web sites to see if they are leaking any sensitive information of have any technical details online.

    Within the context of penetration testing methodology, what phase is Bob involved with?

    A. Passive information gathering
    B. Active information gathering
    C. Attack phase
    D. Vulnerability Mapping

  • Question 475:

    To scan a host downstream from a security gateway, Firewalking:

    A. Sends a UDP-based packet that it knows will be blocked by the firewall to determine how specifically the firewall responds to such packets
    B. Uses the TTL function to send packets with a TTL value set to expire one hop past the identified security gateway
    C. Sends an ICMP ''administratively prohibited'' packet to determine if the gateway will drop the packet without comment.
    D. Assesses the security rules that relate to the target system before it sends packets to any hops on the route to the gateway

  • Question 476:

    _________ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.

    A. Trojan
    B. RootKit
    C. DoS tool
    D. Scanner
    E. Backdoor

  • Question 477:

    Which of the following statements would not be a proper definition for a Trojan Horse?

    A. An unauthorized program contained within a legitimate program.This unauthorized program performs functions unknown (and probably unwanted) by the user.
    B. A legitimate program that has been altered by the placement of unauthorized code within it; this code perform functions unknown (and probably unwanted) by the user.
    C. An authorized program that has been designed to capture keyboard keystrokes while the user remains unaware of such an activity being performed.
    D. Any program that appears to perform a desirable and necessary function but that (because of unauthorized code within it that is unknown to the user) performs functions unknown (and definitely unwanted) by the user.

  • Question 478:

    Bob has been hired to do a web application security test. Bob notices that the site is dynamic and infers that they mist be making use of a database at the application back end. Bob wants to validate whether SQL Injection would be possible.

    What is the first character that Bob should use to attempt breaking valid SQL requests?

    A. Semi Column
    B. Double Quote
    C. Single Quote
    D. Exclamation Mark

  • Question 479:

    Which definition among those given below best describes a covert channel?

    A. A server program using a port that is not well known.
    B. Making use of a protocol in a way it is not intended to be used.
    C. It is the multiplexing taking place on a communication link.
    D. It is one of the weak channels used by WEP which makes it insecure.

  • Question 480:

    Harold just got home from working at Henderson LLC where he works as an IT technician. He was able to get off early because they were not too busy. When he walks into his home office, he notices his teenage daughter on the computer, apparently chatting with someone online. As soon as she hears Harold enter the room, she closes all her windows and tries to act like she was playing a game. When Harold asks her what she was doing, she acts very nervous and does not give him a straight answer. Harold is very concerned because he does not want his daughter to fall victim to online predators and the sort. Harold doesn't necessarily want to install any programs that will restrict the sites his daughter goes to, because he doesn't want to alert her to his trying to figure out what she is doing. Harold wants to use some kind of program that will track her activities online, and send Harold an email of her activity once a day so he can see what she has been up to. What kind of software could Harold use to accomplish this?

    A. Install hardware Keylogger on her computer
    B. Install screen capturing Spyware on her computer
    C. Enable Remote Desktop on her computer
    D. Install VNC on her computer

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.