312-50V7 Exam Details

  • Exam Code
    :312-50V7
  • Exam Name
    :Ethical Hacking and Countermeasures (CEHv7)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :514 Q&As
  • Last Updated
    :Jul 11, 2026

EC-COUNCIL 312-50V7 Online Questions & Answers

  • Question 471:

    Which Steganography technique uses Whitespace to hide secret messages?

    A. snow
    B. beetle
    C. magnet
    D. cat

  • Question 472:

    What command would you type to OS fingerprint a server using the command line?

    A. Option A
    B. Option B
    C. Option C
    D. Option D

  • Question 473:

    SYN Flood is a DOS attack in which an attacker deliberately violates the three-way handshake and opens a large number of half-open TCP connections. The signature of attack for SYN Flood contains:

    A. The source and destination address having the same value
    B. A large number of SYN packets appearing on a network without the corresponding reply packets
    C. The source and destination port numbers having the same value
    D. A large number of SYN packets appearing on a network with the corresponding reply packets

  • Question 474:

    Switches maintain a CAM Table that maps individual MAC addresses on the network to physical ports on the switch.

    In MAC flooding attack, a switch is fed with many Ethernet frames, each containing different source MAC addresses, by the attacker. Switches have a limited memory for mapping various MAC addresses to physical ports. What happens when the CAM table becomes full?

    A. Switch then acts as hub by broadcasting packets to all machines on the network
    B. The CAM overflow table will cause the switch to crash causing Denial of Service
    C. The switch replaces outgoing frame switch factory default MAC address of FF:FF:FF:FF:FF:FF
    D. Every packet is dropped and the switch sends out SNMP alerts to the IDS port

  • Question 475:

    How would you describe an attack where an attacker attempts to deliver the payload over multiple packets over long periods of time with the purpose of defeating simple pattern matching in IDS systems without session reconstruction? A characteristic of this attack would be a continuous stream of small packets.

    A. Session Hijacking
    B. Session Stealing
    C. Session Splicing
    D. Session Fragmentation

  • Question 476:

    Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?

    A. They are written in Java.
    B. They send alerts to security monitors.
    C. They use the same packet analysis engine.
    D. They use the same packet capture utility.

  • Question 477:

    You are trying to hijack a telnet session from a victim machine with IP address 10.0.0.5 to Cisco router at 10.0.0.1. You sniff the traffic and attempt to predict the sequence and acknowledgement numbers to successfully hijack the telnet session.

    Here is the captured data in tcpdump.

    What are the next sequence and acknowledgement numbers that the router will send to the victim machine?

    A. Sequence number: 82980070 Acknowledgement number: 17768885A.
    B. Sequence number: 17768729 Acknowledgement number: 82980070B.
    C. Sequence number: 87000070 Acknowledgement number: 85320085C.
    D. Sequence number: 82980010 Acknowledgement number: 17768885D.

  • Question 478:

    What is the default Password Hash Algorithm used by NTLMv2?

    A. MD4
    B. DES
    C. SHA-1
    D. MD5

  • Question 479:

    Which of the following are valid types of rootkits? (Choose three.)

    A. Hypervisor level
    B. Network level
    C. Kernel level
    D. Application level
    E. Physical level
    F. Data access level

  • Question 480:

    This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data. See foobar What is this attack?

    A. Cross-site-scripting attack
    B. SQL Injection
    C. URL Traversal attack
    D. Buffer Overflow attack

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V7 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.