1. Home
  2. EC-COUNCIL
  3. 312-50

EC-COUNCIL 312-50 Online Practice Questions and Exam Preparation

312-50 Exam Details

  • Exam Code
    :312-50
  • Exam Name
    :Certified Ethical Hacker
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :765 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-50 Online Questions & Answers

  • Question 671:

    A rootkit is a collection of tools (programs) that enable administrator-level access to a computer. This program hides itself deep into an operating system for malicious activity and is extremely difficult to detect. The malicious software operates in a stealth fashion by hiding its files, processes and registry keys and may be used to create a hidden directory or folder designed to keep out of view from a user's operating system and security software.

    What privilege level does a rootkit require to infect successfully on a Victim's machine?

    A. User level privileges
    B. Ring 3 Privileges
    C. System level privileges
    D. Kernel level privileges

  • Question 672:

    You are writing an antivirus bypassing Trojan using C++ code wrapped into chess.c to create an executable file chess.exe. This Trojan when executed on the victim machine, scans the entire system (c:\) for data with the following text "Credit Card" and "password". It then zips all the scanned files and sends an email to a predefined hotmail address. You want to make this Trojan persistent so that it survives computer reboots. Which registry entry will you add a key to make it persistent?

    A. HKEY_LOCAL_MACHINE\SOFTWARE\MICROOSFT\Windows\CurrentVersion\RunServices
    B. HKEY_LOCAL_USER\SOFTWARE\MICROOSFT\Windows\CurrentVersion\RunServices
    C. HKEY_LOCAL_SYSTEM\SOFTWARE\MICROOSFT\Windows\CurrentVersion\RunServices
    D. HKEY_CURRENT_USER\SOFTWARE\MICROOSFT\Windows\CurrentVersion\RunServices

  • Question 673:

    Which of the following is most effective against passwords ? Select the Answer:

    A. Dictionary Attack
    B. BruteForce attack
    C. Targeted Attack
    D. Manual password Attack

  • Question 674:

    Which of the following would be the best reason for sending a single SMTP message to an address that does not exist within the target company?

    A. To create a denial of service attack.
    B. To verify information about the mail administrator and his address.
    C. To gather information about internal hosts used in email treatment.
    D. To gather information about procedures that are in place to deal with such messages.

  • Question 675:

    War dialing is a very old attack and depicted in movies that were made years ago. Why would a modem security tester consider using such an old technique?

    A. It is cool, and if it works in the movies it must work in real life.
    B. It allows circumvention of protection mechanisms by being on the internal network.
    C. It allows circumvention of the company PBX.
    D. A good security tester would not use such a derelict technique.

  • Question 676:

    Which of the following is a patch management utility that scans one or more computers on your network and alerts you if you important Microsoft Security patches are missing. It then provides links that enable those missing patches to be downloaded and installed.

    A. MBSA
    B. BSSA
    C. ASNB
    D. PMUS

  • Question 677:

    Central Frost Bank was a medium-sized, regional financial institution in New York. The bank recently deployed a new Internet-accessible Web application. Using this application, Central Frost's customers could access their account balances, transfer money between accounts, pay bills and conduct online financial business through a Web browser. John Stevens was in charge of information security at Central Frost Bank. After one month in production, the Internet banking application was the subject of several customer complaints. Mysteriously, the account balances ofmany of Central Frost's customers had been changed! However, moneyhadn't been removed from the bank. Instead, money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web application's logs and found the following entries:

    Attempted login of unknown user: johnm Attempted login of unknown user: susaR Attempted login of unknown user: sencat Attempted login of unknown user: pete''; Attempted login of unknown user: ' or 1=1-Attempted login of unknown user: '; drop table logins-Login of user jason, sessionID= 0x75627578626F6F6B Login of user daniel, sessionID= 0x98627579539E13BE Login of user rebecca, sessionID= 0x9062757944CCB811 Login of user mike, sessionID= 0x9062757935FB5C64 Transfer Funds user jason Pay Bill user mike Logout of user mike

    What type of attack did the Hacker attempt?

    A. Brute force attack in which the Hacker attempted guessing login ID and password from password cracking tools.
    B. The Hacker used a random generator module to pass results to the Web server and exploited Web application CGI vulnerability.
    C. The Hacker attempted SQL Injection technique to gain access to a valid bank login ID.
    D. The Hacker attempted Session hijacking, in which the Hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason's session.

  • Question 678:

    Buffer X in an Accounting application module for Brownies Inc. can contain 200 characters. The programmer makes an assumption that 200 characters are more than enough. Because there were no proper boundary checks being conducted, Bob decided to insert 400 characters into the 200-character buffer. (Overflows the buffer). Below is the code snippet.

    How can you protect/fix the problem of your application as shown above?

    A. Because the counter starts with 0, we would stop when the counter is less than 200
    B. Because the counter starts with 0, we would stop when the counter is more than 200
    C. Add a separate statement to signify that if we have written 200 characters to the buffer, the stack should stop because it can't hold any more data
    D. Add a separate statement to signify that if we have written less than 200 characters to the buffer, the stack should stop because it can't hold any more data

  • Question 679:

    In which step Steganography fits in CEH System Hacking Cycle (SHC)

    A. Step 2: Crack the password
    B. Step 1: Enumerate users
    C. Step 3: Escalate privileges
    D. Step 4: Execute applications
    E. Step 5: Hide files
    F. Step 6: Cover your tracks

  • Question 680:

    What are the main drawbacks for anti-virus software?

    A. AV software is difficult to keep up to the current revisions.
    B. AV software can detect viruses but can take no action.
    C. AV software is signature driven so new exploits are not detected.
    D. It's relatively easy for an attacker to change the anatomy of an attack to bypass AV systems
    E. AV software isn't available on all major operating systems platforms.
    F. AV software is very machine (hardware) dependent.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.