1. Home
  2. EC-COUNCIL
  3. 312-50V7

Ethical Hacking and Countermeasures (CEHv7)

Exam Details

  • Exam Code
    :312-50V7
  • Exam Name
    :Ethical Hacking and Countermeasures (CEHv7)
  • Certification
    :Certified Ethical Hacker
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :514 Q&As
  • Last Updated
    :May 28, 2025

EC-COUNCIL Certified Ethical Hacker 312-50V7 Questions & Answers

  • Question 451:

    A rootkit is a collection of tools (programs) that enable administrator-level access to a computer. This program hides itself deep into an operating system for malicious activity and is extremely difficult to detect. The malicious software operates in a stealth fashion by hiding its files, processes and registry keys and may be used to create a hidden directory or folder designed to keep out of view from a user's operating system and security software.

    What privilege level does a rootkit require to infect successfully on a Victim's machine?

    A. User level privileges

    B. Ring 3 Privileges

    C. System level privileges

    D. Kernel level privileges

  • Question 452:

    What is a sniffing performed on a switched network called?

    A. Spoofed sniffing

    B. Passive sniffing

    C. Direct sniffing

    D. Active sniffing

  • Question 453:

    In what stage of Virus life does a stealth virus gets activated with the user performing certain actions such as running an infected program?

    A. Design

    B. Elimination

    C. Incorporation

    D. Replication

    E. Launch

    F. Detection

  • Question 454:

    You are the Security Administrator of Xtrinity, Inc. You write security policies and conduct assessments to protect the company's network. During one of your periodic checks to see how well policy is being observed by the employees, you discover an employee has attached cell phone 3G modem to his telephone line and workstation. He has used this cell phone 3G modem to dial in to his workstation, thereby bypassing your firewall. A security breach has occurred as a direct result of this activity. The employee explains that he used the modem because he had to download software for a department project. How would you resolve this situation?

    A. Reconfigure the firewall

    B. Enforce the corporate security policy

    C. Install a network-based IDS

    D. Conduct a needs analysis

  • Question 455:

    What file system vulnerability does the following command take advantage of?

    type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe

    A. HFS

    B. Backdoor access

    C. XFS

    D. ADS

  • Question 456:

    A common technique for luring e-mail users into opening virus-launching attachments is to send messages that would appear to be relevant or important to many of their potential recipients. One way of accomplishing this feat is to make the virus-carrying messages appear to come from some type of business entity retailing sites, UPS, FEDEX, CITIBANK or a major provider of a common service.

    Here is a fraudulent e-mail claiming to be from FedEx regarding a package that could not be delivered. This mail asks the receiver to open an attachment in order to obtain the FEDEX tracking number for picking up the package. The attachment contained in this type of e-mail activates a virus.

    Vendors send e-mails like this to their customers advising them not to open any files attached with the mail, as they do not include attachments.

    Fraudulent e-mail and legit e-mail that arrives in your inbox contain the fedex.com as the sender of the mail.

    How do you ensure if the e-mail is authentic and sent from fedex.com?

    A. Verify the digital signature attached with the mail, the fake mail will not have Digital ID at all

    B. Check the Sender ID against the National Spam Database (NSD)

    C. Fake mail will have spelling/grammatical errors

    D. Fake mail uses extensive images, animation and flash content

  • Question 457:

    Annie has just succeeded in stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is invalid on the server. Why do you think this is possible?

    A. It works because encryption is performed at the application layer (single encryption key)

    B. The scenario is invalid as a secure cookie cannot be replayed

    C. It works because encryption is performed at the network layer (layer 1 encryption)

    D. Any cookie can be replayed irrespective of the session status

  • Question 458:

    This attack technique is used when a Web application is vulnerable to an SQL Injection but the results of the Injection are not visible to the attacker.

    A. Unique SQL Injection

    B. Blind SQL Injection

    C. Generic SQL Injection

    D. Double SQL Injection

  • Question 459:

    What port number is used by Kerberos protocol?

    A. 88

    B. 44

    C. 487

    D. 419

  • Question 460:

    What does FIN in TCP flag define?

    A. Used to abort a TCP connection abruptly

    B. Used to close a TCP connection

    C. Used to acknowledge receipt of a previous packet or transmission

    D. Used to indicate the beginning of a TCP connection

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V7 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.