Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50

EC-Council 312-50 Exam Questions
Ethical Hacker Certified (Page 18 )

Updated On: 10-Mar-2026
Page 18 of 154
PDF with 765 Questions

Which of the following Nmap commands would be used to perform a UDP scan of the lower 1024 ports?

  1. Nmap -h -U
  2. Nmap -hU <host(s.>
  3. Nmap -sU -p 1-1024 <host(s.>
  4. Nmap -u -v -w2 <host> 1-1024
  5. Nmap -sS -O target/1024

Answer(s): C

Explanation:

Nmap -sU -p 1-1024 <hosts.> is the proper syntax. Learning Nmap and its switches are critical for successful completion of the CEH exam.



While reviewing the result of scanning run against a target network you come across the following:


Which among the following can be used to get this output?

  1. A Bo2k system query.
  2. nmap protocol scan
  3. A sniffer
  4. An SNMP walk

Answer(s): D

Explanation:

SNMP lets you "read" information from a device. You make a query of the server (generally known as the "agent"). The agent gathers the information from the host system and returns the answer to your SNMP client. It's like having a single interface for all your informative Unix commands. Output like system.sysContact.0 is called a MIB.



You are manually conducting Idle Scanning using Hping2. During your scanning you notice that almost every query increments the IPID regardless of the port being queried. One or two of the queries cause the IPID to increment by more than one value. Why do you think this occurs?

  1. The zombie you are using is not truly idle.
  2. A stateful inspection firewall is resetting your queries.
  3. Hping2 cannot be used for idle scanning.
  4. These ports are actually open on the target system.

Answer(s): A

Explanation:

If the IPID is incremented by more than the normal increment for this type of system it means that the system is interacting with some other system beside yours and has sent packets to an unknown host between the packets destined for you.



While performing ping scans into a target network you get a frantic call from the organization’s security team. They report that they are under a denial of service attack. When you stop your scan, the smurf attack event stops showing up on the organization’s IDS monitor. How can you modify your scan to prevent triggering this event in the IDS?

  1. Scan more slowly.
  2. Do not scan the broadcast IP.
  3. Spoof the source IP address.
  4. Only scan the Windows systems.

Answer(s): B

Explanation:

Scanning the broadcast address makes the scan target all IP addresses on that subnet at the same time.



You are concerned that someone running PortSentry could block your scans, and you decide to slow your scans so that no one detects them. Which of the following commands will help you achieve this?

  1. nmap -sS -PT -PI -O -T1 <ip address>
  2. nmap -sO -PT -O -C5 <ip address>
  3. nmap -sF -PT -PI -O <ip address>
  4. nmap -sF -P0 -O <ip address>

Answer(s): A

Explanation:

-T[0-5]: Set timing template (higher is faster)



Viewing page 18 of 154
Viewing questions 86 - 90 out of 765 questions



Post your Comments and Discuss EC-Council 312-50 exam dumps with other Community members:

312-50 Exam Discussions & Posts

AI Tutor