• Home
  • Articles
  • [Mar 05, 2025] Get to the Top with 312-50v10 Practice Exam Questions [Q241-Q265]

[Mar 05, 2025] Get to the Top with 312-50v10 Practice Exam Questions [Q241-Q265]

Share

[Mar 05, 2025] Get to the Top with 312-50v10 Practice Exam Questions

Use Real 312-50v10 Dumps Free Sample Questions and Practice Test Engine


To become a certified ethical hacker, one must pass the CEH v10 Exam, which consists of 125 multiple-choice questions that must be completed within four hours. 312-50v10 exam is rigorous and requires extensive preparation, including hands-on experience, formal training, and self-study. Once a candidate passes the exam, they will be awarded the Certified Ethical Hacker certification, which is valid for three years. Certified Ethical Hacker Exam (CEH v10) certification can be renewed by taking a re-certification exam or by earning continuing education credits.

 

NEW QUESTION # 241
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to
"www.MyPersonalBank.com", that the user is directed to a phishing site.
Which file does the attacker need to modify?

  • A. Sudoers
  • B. Boot.ini
  • C. Hosts
  • D. Networks

Answer: C


NEW QUESTION # 242
Least privilege is a security concept that requires that a user is

  • A. trusted to keep all data and access to that data under their sole control.
  • B. given privileges equal to everyone else in the department.
  • C. limited to those functions required to do the job.
  • D. given root or administrative privileges.

Answer: C


NEW QUESTION # 243
A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems.
What is the best security policy concerning this setup?

  • A. The operator knows that attacks and down time are inevitable and should have a backup site.
  • B. Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.
  • C. There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
  • D. As long as the physical access to the network elements is restricted, there is no need for additional measures.

Answer: B


NEW QUESTION # 244
To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program.
What term is commonly used when referring to this type of testing?

  • A. Bounding
  • B. Fuzzing
  • C. Randomizing
  • D. Mutating

Answer: B

Explanation:
Explanation
Fuzz testing or fuzzing is a software testing technique, often automated or semi-automated, that involves providing invalid, unexpected, or random data to the inputs of a computer program. The program is then monitored for exceptions such as crashes, or failing built-in code assertions or for finding potential memory leaks. Fuzzing is commonly used to test for security problems in software or computer systems. It is a form of random testing which has been used for testing hardware or software.
References: https://en.wikipedia.org/wiki/Fuzz_testing


NEW QUESTION # 245
Port scanning can be used as part of a technical assessment to determine network vulnerabilities. The TCP XMAS scan is used to identify listening ports on the targeted system.
If a scanned port is open, what happens?

  • A. The port will send a SYN.
  • B. The port will send an ACK.
  • C. The port will ignore the packets.
  • D. The port will send an RST.

Answer: C


NEW QUESTION # 246
Which of the following Bluetooth hacking techniques does an attacker use to send messages to users without the recipient's consent, similar to email spamming?

  • A. Bluejacking
  • B. Bluesmacking
  • C. Bluesniffing
  • D. Bluesnarfing

Answer: A


NEW QUESTION # 247
Which of the following types of firewalls ensures that the packets are part of the established session?

  • A. Circuit-level firewall
  • B. Stateful inspection firewall
  • C. Switch-level firewall
  • D. Application-level firewall

Answer: B

Explanation:
Explanation
A stateful firewall is a network firewall that tracks the operating state and characteristics of network connections traversing it. The firewall is configured to distinguish legitimate packets for different types of connections. Only packets matching a known active connection (session) are allowed to pass the firewall.
References: https://en.wikipedia.org/wiki/Stateful_firewall


NEW QUESTION # 248
Pentest results indicate that voice over IP traffic is traversing a network. Which of the following tools will decode a packet capture and extract the voice conversations?

  • A. Hping
  • B. Nikto
  • C. John the Ripper
  • D. Cain

Answer: D


NEW QUESTION # 249
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

  • A. Inherent risk
  • B. Impact risk
  • C. Deferred risk
  • D. Residual risk

Answer: D


NEW QUESTION # 250
During a blackbox pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded.
What type of firewall is inspecting outbound traffic?

  • A. Stateful
  • B. Packet Filtering
  • C. Circuit
  • D. Application

Answer: D

Explanation:
An application firewall is an enhanced firewall that limits access by applications to the operating system (OS) of a computer. Conventional firewalls merely control the flow of data to and from the central processing unit (CPU), examining each packet and determining whether or not to forward it toward a particular destination. An application firewall offers additional protection by controlling the execution of files or the handling of data by specific applications.
References: http://searchsoftwarequality.techtarget.com/definition/application-firewall


NEW QUESTION # 251
Which of the following areas is considered a strength of symmetric key cryptography when compared with asymmetric algorithms?

  • A. Key distribution
  • B. Security
  • C. Scalability
  • D. Speed

Answer: D


NEW QUESTION # 252
Knowing the nature of backup tapes, which of the following is the MOST RECOMMENDED way of storing backup tapes?

  • A. In a climate controlled facility offsite
  • B. On a different floor in the same building
  • C. In a cool dry environment
  • D. Inside the data center for faster retrieval in a fireproof safe

Answer: A


NEW QUESTION # 253
In Risk Management, how is the term "likelihood" related to the concept of "threat?"

  • A. Likelihood is the likely source of a threat that could exploit a vulnerability.
  • B. Likelihood is the probability that a vulnerability is a threat-source.
  • C. Likelihood is a possible threat-source that may exploit a vulnerability.
  • D. Likelihood is the probability that a threat-source will exploit a vulnerability.

Answer: D

Explanation:
The ability to analyze the likelihood of threats within the organization is a critical step in building an effective security program. The process of assessing threat probability should be well defined and incorporated into a broader threat analysis process to be effective.
References:
http://www.mcafee.com/campaign/securitybattleground/resources/chapter5/whitepaper-on- assessing-threat-attack-likelihood.pdf


NEW QUESTION # 254
A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS?

  • A. The host is likely a Linux machine.
  • B. The host is likely a router.
  • C. The host is likely a Windows machine.
  • D. The host is likely a printer.

Answer: D


NEW QUESTION # 255
A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and 192.168.5.0.
How can NMAP be used to scan these adjacent Class C networks?

  • A. NMAP -P 192.168.1-5.
  • B. NMAP -P 192.168.1.0,2.0,3.0,4.0,5.0
  • C. NMAP -P 192.168.1/17
  • D. NMAP -P 192.168.0.0/16

Answer: A


NEW QUESTION # 256
In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case.
Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system whose credentials are known. It was written by sysinternals and has been integrated within the framework. The penetration testers successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbowtables to crack those hash values.
Which of the following is true hash type and sort order that is used in the psexec module's
'smbpass' option?

  • A. NT:LM
  • B. NTLM:LM
  • C. LM:NT
  • D. LM:NTLM

Answer: C


NEW QUESTION # 257
Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?

  • A. Wireshark
  • B. Maltego
  • C. Metasploit
  • D. Cain & Abel

Answer: B


NEW QUESTION # 258
Bob, your senior colleague, has sent you a mail regarding aa deal with one of the clients.
You are requested to accept the offer and you oblige.
After 2 days, Bob denies that he had ever sent a mail.
What do you want to "know" to prove yourself that it was Bob who had send a mail?

  • A. Authentication
  • B. Integrity
  • C. Non-Repudiation
  • D. Confidentiality

Answer: C


NEW QUESTION # 259
Which of the following will perform an Xmas scan using NMAP?

  • A. nmap -sX 192.168.1.254
  • B. nmap -sP 192.168.1.254
  • C. nmap -sV 192.168.1.254
  • D. nmap -sA 192.168.1.254

Answer: A


NEW QUESTION # 260
What is the minimum number of network connections in a multi homed firewall?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: D


NEW QUESTION # 261
Which of the following is an application that requires a host application for replication?

  • A. Trojan
  • B. Worm
  • C. Micro
  • D. Virus

Answer: D

Explanation:
Explanation
Computer viruses infect a variety of different subsystems on their hosts. A computer virus is a malware that, when executed, replicates by reproducing itself or infecting other programs by modifying them. Infecting computer programs can include as well, data files, or the boot sector of the hard drive. When this replication succeeds, the affected areas are then said to be "infected".
References: https://en.wikipedia.org/wiki/Computer_virus


NEW QUESTION # 262
From the following table, identify the wrong answer in terms of Range (ft).

  • A. 802.11b
  • B. 802.16(WiMax)
  • C. 802.11a
  • D. 802.11g

Answer: C


NEW QUESTION # 263
Which of the following is designed to identify malicious attempts to penetrate systems?

  • A. Proxy
  • B. Intrusion Detection System
  • C. Firewall
  • D. Router

Answer: B

Explanation:
Explanation
An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces electronic reports to a management station.
References: https://en.wikipedia.org/wiki/Intrusion_detection_system


NEW QUESTION # 264
When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's Computer to update the router configuration. What type of an alert is this?

  • A. True positive
  • B. False positive
  • C. True negative
  • D. False negative

Answer: B


NEW QUESTION # 265
......

Pass EC-COUNCIL 312-50v10 exam - questions - convert Tets Engine to PDF: https://www.updatedumps.com/EC-COUNCIL/312-50v10-updated-exam-dumps.html

2025 Realistic Verified Free EC-COUNCIL 312-50v10 Exam Questions: https://drive.google.com/open?id=1LXWfokm3U29tUYGefuqxLdRu-njINOMq

Related Articles

more
EC-COUNCIL 312-50v10 Certification Practice Exam