Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50

EC-Council 312-50 Exam Questions
Ethical Hacker Certified (Page 20 )

Updated On: 10-Mar-2026
Page 20 of 154
PDF with 765 Questions

An nmap command that includes the host specification of 202.176.56-57.* will scan____ number of hosts.

  1. 2
  2. 256
  3. 512
  4. Over 10, 000

Answer(s): C

Explanation:

The hosts with IP address 202.176.56.0-255 & 202.176.56.0-255 will be scanned (256+256=512)



A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites.
77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this information?

  1. The packets were sent by a worm spoofing the IP addresses of 47 infected sites
  2. ICMP ID and Seq numbers were most likely set by a tool and not by the operating system
  3. All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number
  4. 13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0

Answer(s): B



Which of the following commands runs snort in packet logger mode?

  1. ./snort -dev -h ./log
  2. ./snort -dev -l ./log
  3. ./snort -dev -o ./log
  4. ./snort -dev -p ./log

Answer(s): B

Explanation:

Note: If you want to store the packages in binary mode for later analysis use./snort
-l./log -b



Which of the following command line switch would you use for OS detection in Nmap?

  1. -D
  2. -O
  3. -P
  4. -X

Answer(s): B

Explanation:

OS DETECTION: -O: Enable OS detection (try 2nd generation w/fallback to 1st) - O2: Only use the new OS detection system (no fallback) -O1: Only use the old (1st generation) OS detection system --osscan-limit: Limit OS detection to promising targets --osscan-guess: Guess OS more aggressively



You ping a target IP to check if the host is up. You do not get a response. You suspect ICMP is blocked at the firewall. Next you use hping2 tool to ping the target host and you get a response. Why does the host respond to hping2 and not ping packet?

[ceh]# ping 10.2.3.4
PING 10.2.3.4 (10.2.3.4) from 10.2.3.80 : 56(84) bytes of data.
--- 10.2.3.4 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
[ceh]# ./hping2 -c 4 -n -i 2 10.2.3.4
HPING 10.2.3.4 (eth0 10.2.3.4): NO FLAGS are set, 40 headers + 0 data bytes

len=46 ip=10.2.3.4 flags=RA seq=0 ttl=128 id=54167 win=0 rtt=0.8 ms len=46 ip=10.2.3.4 flags=RA seq=1 ttl=128 id=54935 win=0 rtt=0.7 ms len=46 ip=10.2.3.4 flags=RA seq=2 ttl=128 id=55447 win=0 rtt=0.7 ms len=46 ip=10.2.3.4 flags=RA seq=3 ttl=128 id=55959 win=0 rtt=0.7 ms
--- 10.2.3.4 hping statistic ---
4 packets tramitted, 4 packets received, 0% packet loss round-trip min/avg/max = 0.7/0.8/0.8 ms

  1. ping packets cannot bypass firewalls
  2. you must use ping 10.2.3.4 switch
  3. hping2 uses TCP instead of ICMP by default
  4. hping2 uses stealth TCP packets to connect

Answer(s): C

Explanation:

Default protocol is TCP, by default hping2 will send tcp headers to target host's port 0 with a winsize of 64 without any tcp flag on. Often this is the best way to do an 'hide ping', useful when target is behind a firewall that drop ICMP. Moreover a tcp null-flag to port 0 has a good probability of not being logged.



Viewing page 20 of 154
Viewing questions 96 - 100 out of 765 questions



Post your Comments and Discuss EC-Council 312-50 exam dumps with other Community members:

312-50 Exam Discussions & Posts

AI Tutor