Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50V10

EC-Council 312-50V10 Exam
Certified Ethical Hacker Exam (Updated to CEH v12) (Page 2 )

Updated On: 19-Jan-2026
Page 2 of 102
PDF with 736 Questions

By using a smart card and pin, you are using a two-factor authentication that satisfies

  1. Something you are and something you remember
  2. Something you have and something you know
  3. Something you know and something you are
  4. Something you have and something you are

Answer(s): B



Kevin, a professional hacker, wants to penetrate CyberTech Inc.’s network. He employed a technique, using which he encoded packets with Unicode characters. The company’s IDS cannot recognize the packet, but the target web server can decode them.
What is the technique used by Kevin to evade the IDS system?

  1. Desynchronization
  2. Obfuscating
  3. Session splicing
  4. Urgency flag

Answer(s): B

Explanation:

Adversaries could decide to build an possible or file difficult to find or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. this is often common behavior which will be used across totally different platforms and therefore the network to evade defenses.
Payloads may be compressed, archived, or encrypted so as to avoid detection. These payloads may be used throughout Initial Access or later to mitigate detection. typically a user’s action could also be needed to open and Deobfuscate/Decode Files or info for User Execution. The user can also be needed to input a parole to open a parole protected compressed/encrypted file that was provided by the mortal. Adversaries can also used compressed or archived scripts, like JavaScript.
Portions of files can even be encoded to cover the plain-text strings that will otherwise facilitate defenders with discovery. Payloads can also be split into separate, ostensibly benign files that solely reveal malicious practicality once reassembled.
Adversaries can also modify commands dead from payloads or directly via a Command and Scripting Interpreter. surroundings variables, aliases, characters, and different platform/language specific linguistics may be wont to evade signature based mostly detections and application management mechanisms.



After an audit, the auditors Inform you that there is a critical finding that you must tackle Immediately. You read the audit report, and the problem is the service running on port 369. Which service Is this and how can you tackle the problem?

  1. The service is LDAP. and you must change it to 636. Which is LDPAPS.
  2. The service is NTP. and you have to change It from UDP to TCP in order to encrypt it
  3. The findings do not require immediate actions and are only suggestions.
  4. The service is SMTP, and you must change it to SMIME. Which is an encrypted way to send emails.

Answer(s): A



A post-breach forensic investigation revealed that a known vulnerability in Apache Struts was to blame for the Equifax data breach that affected 143 million customers. A fix was available from the software vendor for several months prior 10 the Intrusion. This is likely a failure in which of the following security processes?

  1. vendor risk management
  2. Security awareness training
  3. Secure deployment lifecycle
  4. Patch management

Answer(s): D

Explanation:

Patch management is that the method that helps acquire, test and install multiple patches (code changes) on existing applications and software tools on a pc, enabling systems to remain updated on existing patches and determining that patches are the suitable ones. Managing patches so becomes simple and simple.
Patch Management is usually done by software system firms as a part of their internal efforts to mend problems with the various versions of software system programs and also to assist analyze existing software system programs and discover any potential lack of security features or different upgrades.
Software patches help fix those problems that exist and are detected solely once the software’s initial unharness. Patches mostly concern security while there are some patches that concern the particular practicality of programs as well.



John is investigating web-application firewall logs and observers that someone is attempting to inject the following: char buff[10]; buff[>o] - 'a':

What type of attack is this?

  1. CSRF
  2. XSS
  3. Buffer overflow
  4. SQL injection

Answer(s): C

Explanation:

Buffer overflow this attack is an anomaly that happens when software writing data to a buffer overflows the buffer’s capacity, leading to adjacent memory locations being overwritten. In other words, an excessive amount of information is being passed into a container that doesn’t have enough space, which information finishes up replacing data in adjacent containers. Buffer overflows are often exploited by attackers with a goal of modifying a computer’s memory so as to undermine or take hold of program execution.

What’s a buffer?
A buffer, or data buffer, is a neighborhood of physical memory storage wont to temporarily store data while it’s being moved from one place to a different . These buffers typically sleep in RAM memory. Computers frequently use buffers to assist improve performance; latest hard drives cash in of buffering to efficiently access data, and lots of online services also use buffers. for instance , buffers are frequently utilized in online video streaming to stop interruption. When a video is streamed, the video player downloads and stores perhaps 20% of the video at a time during a buffer then streams from that buffer. This way, minor drops in connection speed or quick service disruptions won’t affect the video stream performance. Buffers are designed to contain specific amounts of knowledge . Unless the program utilizing the buffer has built-in instructions to discard data when an excessive amount of is shipped to the buffer, the program will overwrite data in memory adjacent to the buffer. Buffer overflows are often exploited by attackers to corrupt software. Despite being well-understood, buffer overflow attacks are still a serious security problem that torment cyber-security teams. In 2014 a threat referred to as ‘heartbleed’ exposed many many users to attack due to a buffer overflow vulnerability in SSL software.
How do attackers exploit buffer overflows?
An attacker can deliberately feed a carefully crafted input into a program which will cause the program to undertake and store that input during a buffer that isn’t large enough, overwriting portions of memory connected to the buffer space. If the memory layout of the program is well- defined, the attacker can deliberately overwrite areas known to contain executable code. The attacker can then replace this code together with his own executable code, which may drastically change how the program is meant to figure. For example if the overwritten part in memory contains a pointer (an object that points to a different place in memory) the attacker’s code could replace that code with another pointer that points to an exploit payload. This will transfer control of the entire program over to the attacker’s code.



Viewing page 2 of 102
Viewing questions 6 - 10 out of 736 questions



Post your Comments and Discuss EC-Council 312-50V10 exam prep with other Community members:

Join the 312-50V10 Discussion