1. Home
  2. EC-COUNCIL
  3. 312-50V11

EC-COUNCIL 312-50V11 Online Practice Questions and Exam Preparation

312-50V11 Exam Details

  • Exam Code
    :312-50V11
  • Exam Name
    :EC-Council Certified Ethical Hacker (C|EH v11)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :528 Q&As
  • Last Updated
    :May 28, 2026

EC-COUNCIL 312-50V11 Online Questions & Answers

  • Question 421:

    This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data.

    What is this attack?

    A. Cross-site-scripting attack
    B. SQL Injection
    C. URL Traversal attack
    D. Buffer Overflow attack

  • Question 422:

    The security team of Debry Inc. decided to upgrade Wi-Fi security to thwart attacks such as dictionary attacks and key recovery attacks. For this purpose, the security team started implementing cutting-edge technology that uses a modern key establishment protocol called the simultaneous authentication of equals (SAE), also known as dragonfly key exchange, which replaces the PSK concept. What is the Wi-Fi encryption technology implemented by Debry Inc.?

    A. WEP
    B. WPA
    C. WPA2
    D. WPA3

  • Question 423:

    Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate data. He is using the NSTX tool for bypassing the firewalls. On which of the following ports should Robin run the NSTX tool?

    A. Port 53
    B. Port 23
    C. Port 50
    D. Port 80

  • Question 424:

    Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

    A. Nikto
    B. John the Ripper
    C. Dsniff
    D. Snort

  • Question 425:

    An attacker redirects the victim to malicious websites by sending them a malicious link by email. The link appears authentic but redirects the victim to a malicious web page, which allows the attacker to steal the victim's data. What type of attack is this?

    A. Phishing
    B. Vlishing
    C. Spoofing
    D. DDoS

  • Question 426:

    Which of the following allows attackers to draw a map or outline the target organization's network infrastructure to know about the actual environment that they are going to hack.

    A. Enumeration
    B. Vulnerability analysis
    C. Malware analysis
    D. Scanning networks

  • Question 427:

    Attacker Lauren has gained the credentials of an organization's internal server system, and she was often logging in during irregular times to monitor the network activities. The organization was skeptical about the login times and appointed security professional Robert to determine the issue. Robert analyzed the compromised device to find incident details such as the type of attack, its severity, target, impact, method of propagation, and vulnerabilities exploited. What is the incident handling and response (IHandR) phase, in which Robert has determined these issues?

    A. Preparation
    B. Eradication
    C. Incident recording and assignment
    D. Incident triage

  • Question 428:

    When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's Computer to update the router configuration. What type of an alert is this?

    A. False negative
    B. True negative
    C. True positive
    D. False positive

  • Question 429:

    Elante company has recently hired James as a penetration tester. He was tasked with performing enumeration on an organization's network. In the process of enumeration, James discovered a service that is accessible to external sources. This service runs directly on port 21. What is the service enumerated byjames in the above scenario?

    A. Border Gateway Protocol (BGP)
    B. File Transfer Protocol (FTP)
    C. Network File System (NFS)
    D. Remote procedure call (RPC)

  • Question 430:

    Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain.

    What do you think Tess King is trying to accomplish? Select the best answer.

    A. A zone harvesting
    B. A zone transfer
    C. A zone update
    D. A zone estimate

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V11 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.