EC-Council 312-50V10 Exam
Certified Ethical Hacker Exam (Updated to CEH v12) (Page 13)

Updated On: 19-Jan-2026

Based on the log below, which of the following statements are true?
Mar 1, 2016, 7:33:28 AM 10.240.250.23 - 54373 10.249.253.15 - 22 tcp_ip

  1. Application is FTP and 10.240.250.23 is the client and 10.249.253.15 is the server.
  2. Application is SSH and 10.240.250.23 is the server and 10.249.253.15 is the client.
  3. SSH communications are encrypted; it’s impossible to know who is the client or the server.
  4. Application is SSH and 10.240.250.23 is the client and 10.249.253.15 is the server.

Answer(s): D



Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port scanning on a target host in the network. While performing the given task, Sam sends FIN/ACK probes and determines that an RST packet is sent in response by the target host, indicating that the port is closed.
What is the port scanning technique used by Sam to discover open ports?

  1. Xmas scan
  2. IDLE/IPID header scan
  3. TCP Maimon scan
  4. ACK flag probe scan

Answer(s): C

Explanation:

TCP Maimon scan
This scan technique is very similar to the NULL, FIN, and Xmas scans, but the probe used here is FIN/ACK. In most cases, an RST packet should be generated in response to the probe whether the port is open or closed. However, on many BSD systems, the port is open if the packet gets dropped in response to a probe.



Mr. Omkar performed a tool-based vulnerability assessment and found two vulnerabilities. During analysis, he found that these issues are not true vulnerabilities.
What will you call these issues?

  1. False positives
  2. True negatives
  3. True positives
  4. False negatives

Answer(s): A



A penetration tester is performing the footprinting process and is reviewing publicly available information about an organization by using the Google search engine.
Which of the following advanced operators would allow the pen tester to restrict the search to the organization’s web domain?

  1. [allinurl:]
  2. [location:]
  3. [site:]
  4. [link:]

Answer(s): C



You are a penetration tester and are about to perform a scan on a specific server. The agreement that you signed with the client contains the following specific condition for the scan: “The attacker must scan every port on the server several times using a set of spoofed source IP addresses.” Suppose that you are using Nmap to perform this scan. What flag will you use to satisfy this requirement?

  1. The -A flag
  2. The -g flag
  3. The -f flag
  4. The -D flag

Answer(s): D

Explanation:

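The flags --source-port and -g are equivalent and instruct Nmap to send packets from a selected source port. This option is used to try to get past firewalls that whitelist traffic from specific ports. The following example can scan the target from port 20 to ports 80, 22, 21, 23 and 25, sending fragmented packets to LinuxHint. The -D flag, by contrast, performs a decoy scan, in which the probes also appear to come from the listed spoofed source addresses; that is the behaviour the condition in the question describes.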


