1. Home
  2. EC-COUNCIL
  3. 312-50

EC-COUNCIL 312-50 Online Practice Questions and Exam Preparation

312-50 Exam Details

  • Exam Code
    :312-50
  • Exam Name
    :Certified Ethical Hacker
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :765 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-50 Online Questions & Answers

  • Question 621:

    Bret is a web application administrator and has just read that there are a number of surprisingly common web application vulnerabilities that can be exploited by unsophisticated attackers with easily available tools on the Internet.

    He has also read that when an organization deploys a web application, they invite the world to send HTTP requests. Attacks buried in these requests sail past firewalls, filters, platform hardening, SSL, and IDS without notice because they are inside legal HTTP requests. Bret is determined to weed out any vulnerabilities. What are some common vulnerabilities in web applications that he should be concerned about?

    A. Non-validated parameters, broken access control, broken account and session management, cross- side scripting and buffer overflows are just a few common vulnerabilities
    B. No IDS configured, anonymous user account set as default, missing latest security patch, no firewall filters set and visible clear text passwords are just a few common vulnerabilities
    C. Visible clear text passwords, anonymous user account set as default, missing latest security patch, no firewall filters set and no SSL configured are just a few common vulnerabilities
    D. No SSL configured, anonymous user account set as default, missing latest security patch, no firewall filters set and an inattentive system administrator are just a few common vulnerabilities

  • Question 622:

    Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.

    Which of the following options best represents the means that Bob can adopt to retrieve passwords from his clients hosts and servers.

    A. Hardware, Software, and Sniffing.
    B. Hardware and Software Keyloggers.
    C. Passwords are always best obtained using Hardware key loggers.
    D. Software only, they are the most effective.

  • Question 623:

    John is discussing security with Jane. Jane had mentioned to John earlier that she suspects an LKM has been installed on her server. She believes this is the reason that the server has been acting erratically lately. LKM stands for Loadable Kernel Module.

    What does this mean in the context of Linux Security?

    A. Loadable Kernel Modules are a mechanism for adding functionality to a file system without requiring a kernel recompilation.
    B. Loadable Kernel Modules are a mechanism for adding functionality to an operating-system kernel after it has been recompiled and the system rebooted.
    C. Loadable Kernel Modules are a mechanism for adding auditing to an operating-system kernel without requiring a kernel recompilation.
    D. Loadable Kernel Modules are a mechanism for adding functionality to an operating-system kernel without requiring a kernel recompilation.

  • Question 624:

    Why would an ethical hacker use the technique of firewalking?

    A. It is a technique used to discover wireless network on foot.
    B. It is a technique used to map routers on a network link.
    C. It is a technique used to discover the nature of rules configured on a gateway.
    D. It is a technique used to discover interfaces in promiscuous mode.

  • Question 625:

    File extensions provide information regarding the underlying server technology. Attackers can use this information to search vulnerabilities and launch attacks. How would you disable file extensions in Apache servers?

    A. Use disable-eXchange
    B. Use mod_negotiation
    C. Use Stop_Files
    D. Use Lib_exchanges

  • Question 626:

    Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

    A. Overloading Port Address Translation
    B. Dynamic Port Address Translation
    C. Dynamic Network Address Translation
    D. Static Network Address Translation

  • Question 627:

    You are gathering competitive intelligence on an organization. You notice that they have jobs listed on a few Internet job-hunting sites. There are two jobs for network and system administrators. How can this help you in foot printing the organization?

    A. To learn about the IP range used by the target network
    B. To identify the number of employees working for the company
    C. To test the limits of the corporate security policy enforced in the company
    D. To learn about the operating systems, services and applications used on the network

  • Question 628:

    John has a proxy server on his network which caches and filters web access. He shuts down all unnecessary ports and services. Additionally, he has installed a firewall (Cisco PIX) that will not allow users to connect to any outbound ports. Jack, a network user has successfully connected to a remote server on port 80 using netcat. He could in turn drop a shell from the remote machine. Assuming an attacker wants to penetrate John's network, which of the following options is he likely to choose?

    A. Use ClosedVPN
    B. Use Monkey shell
    C. Use reverse shell using FTP protocol
    D. Use HTTPTunnel or Stunnel on port 80 and 443

  • Question 629:

    In Linux, the three most common commands that hackers usually attempt to Trojan are:

    A. car, xterm, grep
    B. netstat, ps, top
    C. vmware, sed, less
    D. xterm, ps, nc

  • Question 630:

    While probing an organization you discover that they have a wireless network. From your attempts to connect to the WLAN you determine that they have deployed MAC filtering by using ACL on the access points. What would be the easiest way to circumvent and communicate on the WLAN?

    A. Attempt to crack the WEP key using Airsnort.
    B. Attempt to brute force the access point and update or delete the MAC ACL.
    C. Steel a client computer and use it to access the wireless network.
    D. Sniff traffic if the WLAN and spoof your MAC address to one that you captured.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.