312-50V7 Exam Details

  • Exam Code
    :312-50V7
  • Exam Name
    :Ethical Hacking and Countermeasures (CEHv7)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :514 Q&As
  • Last Updated
    :Jul 11, 2026

EC-COUNCIL 312-50V7 Online Questions & Answers

  • Question 21:

    In the context of password security: a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive - though slow. Usually, it tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary combined together to have variations of words, what would you call such an attack?

    A. Full Blown Attack
    B. Thorough Attack
    C. Hybrid Attack
    D. BruteDict Attack

  • Question 22:

    Which of the following statement correctly defines ICMP Flood Attack? (Select 2 answers) A. Bogus ECHO reply packets are flooded on the network spoofing the IP and MAC address

    B. The ICMP packets signal the victim system to reply and the combination of traffic saturates the bandwidth of the victim's network
    C. ECHO packets are flooded on the network saturating the bandwidth of the subnet causing denial of service
    D. A DDoS ICMP flood attack occurs when the zombies send large volumes of ICMP_ECHO_REPLY packets to the victim system.

  • Question 23:

    What port number is used by Kerberos protocol?

    A. 88
    B. 44
    C. 487
    D. 419

  • Question 24:

    WWW wanderers or spiders are programs that traverse many pages in the World Wide Web by recursively retrieving linked pages. Search engines like Google, frequently spider web pages for indexing. How will you stop web spiders from crawling certain directories on your website?

    A. Place robots.txt file in the root of your website with listing of directories that you don't want to be crawled
    B. Place authentication on root directories that will prevent crawling from these spiders
    C. Enable SSL on the restricted directories which will block these spiders from crawling
    D. Place "HTTP:NO CRAWL" on the html pages that you don't want the crawlers to index

  • Question 25:

    You receive an e-mail with the following text message.

    "Microsoft and HP today warned all customers that a new, highly dangerous virus has been discovered which will erase all your files at midnight. If there's a file called hidserv.exe on your computer, you have been infected and your computer is now running a hidden server that allows hackers to access your computer. Delete the file immediately. Please also pass this message to all your friends and colleagues as soon as possible." You launch your antivirus software and scan the suspicious looking file hidserv.exe located in

    c:\windows directory and the AV comes out clean meaning the file is not infected. You view the file signature and confirm that it is a legitimate Windows system file "Human Interface Device Service". What category of virus is this?

    A. Virus hoax
    B. Spooky Virus
    C. Stealth Virus
    D. Polymorphic Virus

  • Question 26:

    In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on the network to gain access.

    A. Token Injection Replay attacks
    B. Shoulder surfing attack
    C. Rainbow and Hash generation attack
    D. Dumpster diving attack

  • Question 27:

    E-mail tracking is a method to monitor and spy the delivered e-mails to the intended recipient.

    Select a feature, which you will NOT be able to accomplish with this probe?

    A. When the e-mail was received and read
    B. Send destructive e-mails
    C. GPS location and map of the recipient
    D. Time spent on reading the e-mails
    E. Whether or not the recipient visited any links sent to them
    F. Track PDF and other types of attachments
    G. Set messages to expire after specified time
    H. Remote control the User's E-mail client application and hijack the traffic

  • Question 28:

    A digital signature is simply a message that is encrypted with the public key instead of the private key.

    A. true
    B. false

  • Question 29:

    There is a WEP encrypted wireless access point (AP) with no clients connected. In order to crack the WEP key, a fake authentication needs to be performed. What information is needed when performing fake authentication to an AP? (Choose two.)

    A. The IP address of the AP
    B. The MAC address of the AP
    C. The SSID of the wireless network
    D. A failed authentication packet

  • Question 30:

    BankerFox is a Trojan that is designed to steal users' banking data related to certain banking entities.

    When they access any website of the affected banks through the vulnerable Firefox 3.5 browser, the Trojan is activated and logs the information entered by the user. All the information entered in that website will be logged by the Trojan and

    transmitted to the attacker's machine using covert channel.

    BankerFox does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer.

    What is the most efficient way an attacker located in remote location to infect this banking Trojan on a victim's machine?

    A. Physical access - the attacker can simply copy a Trojan horse to a victim's hard disk infecting the machine via Firefox add-on extensions
    B. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer
    C. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer
    D. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer
    E. Downloading software from a website? An attacker can offer free software, such as shareware programs and pirated mp3 files

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V7 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.