1. Home
  2. EC-COUNCIL
  3. 312-50V10

EC-COUNCIL 312-50V10 Online Practice Questions and Exam Preparation

312-50V10 Exam Details

  • Exam Code
    :312-50V10
  • Exam Name
    :EC-Council Certified Ethical Hacker (C|EH v10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :747 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-50V10 Online Questions & Answers

  • Question 401:

    The security concept of "separation of duties" is most similar to the operation of which type of security device?

    A. Firewall
    B. Bastion host
    C. Intrusion Detection System
    D. Honeypot

  • Question 402:

    Pentest results indicate that voice over IP traffic is traversing a network. Which of the following tools will decode a packet capture and extract the voice conversations?

    A. Cain
    B. John the Ripper
    C. Nikto
    D. Hping

  • Question 403:

    Bob learned that his username and password for a popular game has been compromised. He contacts the company and resets all the information. The company suggests he use two-factor authentication, which option below offers that?

    A. A new username and password
    B. A fingerprint scanner and his username and password.
    C. Disable his username and use just a fingerprint scanner.
    D. His username and a stronger password.

  • Question 404:

    Which Open Web Application Security Project (OWASP) implements a web application full of known vulnerabilities?

    A. WebBugs
    B. WebGoat
    C. VULN_HTML
    D. WebScarab

  • Question 405:

    What does a type 3 code 13 represent? (Choose two.)

    A. Echo request
    B. Destination unreachable
    C. Network unreachable
    D. Administratively prohibited
    E. Port unreachable
    F. Time exceeded

  • Question 406:

    You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email, and you send her an email changing the source email to her boss's email ( boss@company ). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network.

    What testing method did you use?

    A. Social engineering
    B. Tailgating
    C. Piggybacking
    D. Eavesdropping

  • Question 407:

    Which of the following is a detective control?

    A. Smart card authentication
    B. Security policy
    C. Audit trail
    D. Continuity of operations plan

  • Question 408:

    You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity, what tool would you most likely select?

    A. Nmap
    B. Cain and Abel
    C. Nessus
    D. Snort

  • Question 409:

    A company firewall engineer has configured a new DMZ to allow public systems to be located away from the internal network. The engineer has three security zones set:

    The engineer wants to configure remote desktop access from a fixed IP on the remote network to a remote desktop server in the DMZ. Which rule would best fit this requirement?

    A. Permit 217.77.88.0/24 11.12.13.0/24 RDP 3389
    B. Permit 217.77.88.12 11.12.13.50 RDP 3389
    C. Permit 217.77.88.12 11.12.13.0/24 RDP 3389
    D. Permit 217.77.88.0/24 11.12.13.50 RDP 3389

  • Question 410:

    In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case.

    Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system that you already know the credentials for. It was written by sysinternals and has been integrated within the framework. Often as penetration testers, successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbowtables to crack those hash values.

    Which of the following is true hash type and sort order that is using in the psexec module's 'smbpass'?

    A. NT:LM
    B. LM:NT
    C. LM:NTLM
    D. NTLM:LM

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.