1. Home
  2. EC-COUNCIL
  3. 312-50V11

EC-COUNCIL 312-50V11 Online Practice Questions and Exam Preparation

312-50V11 Exam Details

  • Exam Code
    :312-50V11
  • Exam Name
    :EC-Council Certified Ethical Hacker (C|EH v11)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :528 Q&As
  • Last Updated
    :May 28, 2026

EC-COUNCIL 312-50V11 Online Questions & Answers

  • Question 231:

    What is the least important information when you analyze a public IP address in a security alert?

    A. DNS
    B. Whois
    C. Geolocation
    D. ARP

  • Question 232:

    You have compromised a server on a network and successfully opened a shell. You aimed to identify all operating systems running on the network. However, as you attempt to fingerprint all machines in the network using the nmap syntax

    below, it is not going through.

    invictus@victim_server.~$ nmap -T4 -O 10.10.0.0/24 TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxx. QUITTING!

    What seems to be wrong?

    A. The nmap syntax is wrong.
    B. This is a common behavior for a corrupted nmap application.
    C. The outgoing TCP/IP fingerprinting is blocked by the host firewall.
    D. OS Scan requires root privileges.

  • Question 233:

    Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

    A. ESP transport mode
    B. ESP confidential
    C. AH permiscuous
    D. AH Tunnel mode

  • Question 234:

    A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows

    that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client.

    What is a possible source of this problem?

    A. The WAP does not recognize the client's MAC address
    B. The client cannot see the SSID of the wireless network
    C. Client is configured for the wrong channel
    D. The wireless client is not configured to use DHCP

  • Question 235:

    Calvin, a software developer, uses a feature that helps him auto-generate the content of a web page without manual involvement and is integrated with SSI directives. This leads to a vulnerability in the developed web application as this feature accepts remote user inputs and uses them on the page. Hackers can exploit this feature and pass malicious SSI directives as input values to perform malicious activities such as modifying and erasing server files. What is the type of injection attack Calvin's web application is susceptible to?

    A. Server-side template injection
    B. Server-side JS injection
    C. CRLF injection
    D. Server-side includes injection

  • Question 236:

    Harris is attempting to identify the OS running on his target machine. He inspected the initial TTL in the IP header and the related TCP window size and obtained the following results:

    TTL: 64 Window Size: 5840

    What is the OS running on the target machine?

    A. Solaris OS
    B. Windows OS
    C. Mac OS
    D. Linux OS

  • Question 237:

    Widespread fraud ac Enron. WorldCom, and Tyco led to the creation of a law that was designed to improve the accuracy and accountability of corporate disclosures. It covers accounting firms and third parties that provide financial services to some organizations and came into effect in 2002. This law is known by what acronym?

    A. Fed RAMP
    B. PCIDSS
    C. SOX
    D. HIPAA

  • Question 238:

    Which of the following web vulnerabilities would an attacker be attempting to exploit if they delivered the following input?

    ] >

    A. XXE
    B. SQLi
    C. IDOR
    D. XXS

  • Question 239:

    Attacker Simon targeted the communication network of an organization and disabled the security controls of NetNTLMvl by modifying the values of LMCompatibilityLevel, NTLMMinClientSec, and RestrictSendingNTLMTraffic. He then extracted all the non- network logon tokens from all the active processes to masquerade as a legitimate user to launch further attacks. What is the type of attack performed by Simon?

    A. Internal monologue attack
    B. Combinator attack
    C. Rainbow table attack
    D. Dictionary attack

  • Question 240:

    An attacker runs netcat tool to transfer a secret file between two hosts.

    He is worried about information being sniffed on the network.

    How would the attacker use netcat to encrypt the information before transmitting onto the wire?

    A. Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat
    B. Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat
    C. Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat 1234 -pw password
    D. Use cryptcat instead of netcat

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V11 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.