312-50 ECCouncil Certified Ethical Hacker Exam Free Practice Exam Questions (2025 Updated)

Prepare effectively for your ECCouncil 312-50 Certified Ethical Hacker Exam certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

Page: 4 / 7
Total 614 questions

A penetration tester was hired to perform a penetration test for a bank. The tester began searching for IP ranges owned by the bank, performing lookups on the bank's DNS servers, reading news articles online about the bank, watching what times the bank employees come into work and leave from work, searching the bank's job postings (paying special attention to IT related jobs), and visiting the local dumpster for the bank's corporate office. What phase of the penetration test is the tester currently in?

A. Information reporting

B. Vulnerability assessment

C. Active information gathering

D. Passive information gathering

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

A. Usernames

B. File permissions

C. Firewall rulesets

D. Passwords

A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?

A. Perform a vulnerability scan of the system.

B. Determine the impact of enabling the audit feature.

C. Perform a cost/benefit analysis of the audit feature.

D. Allocate funds for staffing of audit log review.

Passive reconnaissance involves collecting information through which of the following?

A. Social engineering

B. Network traffic sniffing

C. Man in the middle attacks

D. Publicly accessible sources

A covert channel is a channel that

A. transfers information over, within a computer system, or network that is outside of the security policy.

B. transfers information over, within a computer system, or network that is within the security policy.

C. transfers information via a communication path within a computer system, or network for transfer of data.

D. transfers information over, within a computer system, or network that is encrypted.

The following is part of a log file taken from the machine on the network with the IP address of 192.168.1.106:

What type of activity has been logged?

A. Port scan targeting 192.168.1.103

B. Teardrop attack targeting 192.168.1.106

C. Denial of service attack targeting 192.168.1.103

D. Port scan targeting 192.168.1.106

Which of the following is a component of a risk assessment?

A. Physical security

B. Administrative safeguards

C. DMZ

D. Logical interface

When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user security training would be beneficial?

A. Vulnerability scanning

B. Social engineering

C. Application security testing

D. Network sniffing

Which of the following lists are valid data-gathering activities associated with a risk assessment?

A. Threat identification, vulnerability identification, control analysis

B. Threat identification, response identification, mitigation identification

C. Attack profile, defense profile, loss profile

D. System profile, vulnerability identification, security determination

WPA2 uses AES for wireless data encryption at which of the following encryption levels?

A. 64 bit and CCMP

B. 128 bit and CRC

C. 128 bit and CCMP

D. 128 bit and TKIP

A circuit level gateway works at which of the following layers of the OSI Model?

A. Layer 5 - Application

B. Layer 4 – TCP

C. Layer 3 – Internet protocol

D. Layer 2 – Data link

A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?

A. Firewall-management policy

B. Acceptable-use policy

C. Remote-access policy

D. Permissive policy

When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?

A. A bottom-up approach

B. A top-down approach

C. A senior creation approach

D. An IT assurance approach

Which type of antenna is used in wireless communication?

A. Omnidirectional

B. Parabolic

C. Uni-directional

D. Bi-directional

A Network Administrator was recently promoted to Chief Security Officer at a local university. One of the employee's new responsibilities is to manage the implementation of an RFID card access system to a new server room on campus. The server room will house student enrollment information that is securely backed up to an off-site location.

During a meeting with an outside consultant, the Chief Security Officer explains that he is concerned that the existing security controls have not been designed properly. Currently, the Network Administrator is responsible for approving and issuing RFID card access to the server room, as well as reviewing the electronic access logs on a weekly basis.

Which of the following is an issue with the situation?

A. Segregation of duties

B. Undue influence

C. Lack of experience

D. Inadequate disaster recovery plan

During a penetration test, a tester finds a target that is running MS SQL 2000 with default credentials. The tester assumes that the service is running with Local System account. How can this weakness be exploited to access the system?

A. Using the Metasploit psexec module setting the SA / Admin credential

B. Invoking the stored procedure xp_shell to spawn a Windows command shell

C. Invoking the stored procedure cmd_shell to spawn a Windows command shell

D. Invoking the stored procedure xp_cmdshell to spawn a Windows command shell

What technique is used to perform a Connection Stream Parameter Pollution (CSPP) attack?

A. Injecting parameters into a connection string using semicolons as a separator

B. Inserting malicious JavaScript code into input parameters

C. Setting a user's session identifier (SID) to an explicit known value

D. Adding multiple parameters with the same name in HTTP requests

The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following vulnerabilities?

A. An attacker, working slowly enough, can evade detection by the IDS.

B. Network packets are dropped if the volume exceeds the threshold.

C. Thresholding interferes with the IDS’ ability to reassemble fragmented packets.

D. The IDS will not distinguish among packets originating from different sources.

An attacker uses a communication channel within an operating system that is neither designed nor intended to transfer information. What is the name of the communications channel?

A. Classified

B. Overt

C. Encrypted

D. Covert

During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response, which type of packet inspection is the firewall conducting?

A. Host

B. Stateful

C. Stateless

D. Application

Copyright © 2014-2025 Solution2Pass. All Rights Reserved