1. Home
  2. EC-COUNCIL
  3. 312-50V12

EC-Council Certified Ethical Hacker (C|EH v12)

Exam Details

  • Exam Code
    :312-50V12
  • Exam Name
    :EC-Council Certified Ethical Hacker (C|EH v12)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :596 Q&As
  • Last Updated
    :Jun 04, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50V12 Questions & Answers

  • Question 421:

    You are performing a penetration test for a client and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the internal domain, if the DNS server is at 192.168.10.2 and the domain name is abccorp.local, what command would you type at the nslookup prompt to attempt a zone transfer?

    A. list server=192.168.10.2 type=all

    B. is-d abccorp.local

    C. Iserver 192.168.10.2-t all

    D. List domain=Abccorp.local type=zone

  • Question 422:

    Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics:

    1.

    Verifies the success or failure of an attack

    2.

    Monitors system activities

    3.

    Detects attacks that a network-based IDS fails to detect

    4.

    Provides near real-time detection and response

    5.

    Does not require additional hardware

    6.

    Has a lower entry cost

    Which type of IDS is best suited for Tremp's requirements?

    A. Gateway-based IDS

    B. Network-based IDS

    C. Host-based IDS

    D. Open source-based

  • Question 423:

    Roma is a member of a security team. She was tasked with protecting the internal network of an organization from imminent threats. To accomplish this task, Roma fed threat intelligence into the security devices in a digital format to block and

    identify inbound and outbound malicious traffic entering the organization's network.

    Which type of threat intelligence is used by Roma to secure the internal network?

    A. Technical threat intelligence

    B. Operational threat intelligence

    C. Tactical threat intelligence

    D. Strategic threat intelligence

  • Question 424:

    Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs:

    From the above list identify the user account with System Administrator privileges.

    A. John

    B. Rebecca

    C. Sheela

    D. Shawn

    E. Somia

    F. Chang

    G. Micah

  • Question 425:

    What piece of hardware on a computer's motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible?

    A. CPU

    B. GPU

    C. UEFI

    D. TPM

  • Question 426:

    The following is an entry captured by a network IDS. You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack.

    You also notice "/bin/sh" in the ASCII part of the output.

    As an analyst what would you conclude about the attack?

    A. The buffer overflow attack has been neutralized by the IDS

    B. The attacker is creating a directory on the compromised machine

    C. The attacker is attempting a buffer overflow attack and has succeeded

    D. The attacker is attempting an exploit that launches a command-line shell

  • Question 427:

    The network team has well-established procedures to follow for creating new rules on the firewall. This includes having approval from a manager prior to implementing any new rules. While reviewing the firewall configuration, you notice a recently implemented rule but cannot locate manager approval for it. What would be a good step to have in the procedures for a situation like this?

    A. Have the network team document the reason why the rule was implemented without prior manager approval.

    B. Monitor all traffic using the firewall rule until a manager can approve it.

    C. Do not roll back the firewall rule as the business may be relying upon it, but try to get manager approval as soon as possible.

    D. Immediately roll back the firewall rule until a manager can approve it

  • Question 428:

    Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using?

    A. Nikto

    B. Nmap

    C. Metasploit

    D. Armitage

  • Question 429:

    You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c

    What is the hexadecimal value of NOP instruction?

    A. 0x60

    B. 0x80

    C. 0x70

    D. 0x90

  • Question 430:

    Why should the security analyst disable/remove unnecessary ISAPI filters?

    A. To defend against social engineering attacks

    B. To defend against webserver attacks

    C. To defend against jailbreaking

    D. To defend against wireless attacks

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V12 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.