Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50V10

EC-Council 312-50V10 Exam
Certified Ethical Hacker Exam (Updated to CEH v12) (Page 4 )

Updated On: 19-Jan-2026
Page 4 of 102
PDF with 736 Questions

John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time and obtains sensitive information without sabotaging the organization. Which of the following attack techniques is used by John?

  1. Advanced persistent
  2. threat Diversion theft
  3. Spear-phishing sites
  4. insider threat

Answer(s): A

Explanation:

An advanced persistent threat (APT) may be a broad term wont to describe AN attack campaign within which an intruder, or team of intruders, establishes a bootleg, long presence on a network so as to mine sensitive knowledge.
The targets of those assaults, that square measure terribly fastidiously chosen and researched, usually embrace massive enterprises or governmental networks. the implications of such intrusions square measure huge, and include:
Intellectual property thieving (e.g., trade secrets or patents) Compromised sensitive info (e.g., worker and user personal data)
The sabotaging of essential structure infrastructures (e.g., information deletion) Total website takeovers
Executing an APT assault needs additional resources than a regular internet application attack. The perpetrators square measure typically groups of intimate cybercriminals having substantial resource. Some APT attacks square measure government-funded and used as cyber warfare weapons.
APT attacks dissent from ancient internet application threats, in that:
They’re considerably additional advanced.
They’re not hit and run attacks—once a network is infiltrated, the culprit remains so as to realize the maximum amount info as potential.
They’re manually dead (not automated) against a selected mark and indiscriminately launched against an outsized pool of targets.
They typically aim to infiltrate a complete network, as opposition one specific half.
More common attacks, like remote file inclusion (RFI), SQL injection and cross-site scripting (XSS), square measure oftentimes employed by perpetrators to ascertain a footing in a very targeted network. Next, Trojans and backdoor shells square measure typically wont to expand that foothold and make a persistent presence inside the targeted perimeter.



Richard, an attacker, targets an MNC. in this process, he uses a footprinting technique to gather as much information as possible. Using this technique, he gathers domain information such as the target domain name, contact details of its owner, expiry date, and creation date. With this information, he creates a map of the organization's network and misleads domain owners with social engineering to obtain internal details of its network. What type of footprinting technique is employed by Richard?

  1. VoIP footprinting
  2. VPN footprinting
  3. Whois footprinting
  4. Email footprinting

Answer(s): C

Explanation:

WHOIS (pronounced because the phrase who is) may be a query and response protocol and whois footprinting may be a method for glance information about ownership of a website name as following:
• name details
• Contact details contain phone no. and email address of the owner
• Registration date for the name
• Expire date for the name
• name servers



In this form of encryption algorithm, every Individual block contains 64-bit data, and three keys are used, where each key consists of 56 bits. Which is this encryption algorithm?

  1. IDEA
  2. Triple Data Encryption standard
  3. MDS encryption algorithm
  4. AES

Answer(s): B

Explanation:

Triple DES is another mode of DES operation. It takes three 64-bit keys, for an overall key length of 192 bits. In Stealth, you merely type within the entire 192-bit (24 character) key instead of entering each of the three keys individually. The Triple DES DLL then breaks the user-provided key into three subkeys, padding the keys if necessary in order that they are each 64 bits long. The procedure for encryption is strictly an equivalent as regular DES, but it’s repeated 3 times, hence the name Triple DES. The info is encrypted with the primary key, decrypted with the second key, and eventually encrypted again with the third key. Triple DES runs 3 times slower than DES, but is far safer if used properly. The procedure for decrypting something is that the same because the procedure for encryption, except it’s executed in reverse. Like DES, data is encrypted and decrypted in 64-bit chunks. Although the input key for DES is 64 bits long, the particular key employed by DES is merely 56 bits long. The smallest amount significant (right-most) bit in each byte may be a parity, and will be set in order that there are always an odd number of 1s in every byte. These parity bits are ignored, so only the seven most vital bits of every byte are used, leading to a key length of 56 bits. This suggests that the effective key strength for Triple DES is really 168 bits because each of the three keys contains 8 parity bits that aren’t used during the encryption process.

Triple DES Modes
Triple ECB (Electronic Code Book)
• This variant of Triple DES works precisely the same way because the ECB mode of DES.
• this is often the foremost commonly used mode of operation. Triple CBC (Cipher Block Chaining)
• This method is extremely almost like the quality DES CBC mode.
• like Triple ECB, the effective key length is 168 bits and keys are utilized in an equivalent manner, as described above, but the chaining features of CBC mode also are employed.
• the primary 64-bit key acts because the Initialization Vector to DES.
• Triple ECB is then executed for one 64-bit block of plaintext.
• The resulting ciphertext is then XORed with subsequent plaintext block to be encrypted, and therefore the procedure is repeated.
• This method adds an additional layer of security to Triple DES and is therefore safer than Triple ECB, although it’s not used as widely as Triple ECB.



You start performing a penetration test against a specific website and have decided to start from grabbing all the links from the main page.
What Is the best Linux pipe to achieve your milestone?

  1. dirb https://site.com | grep "site"
  2. curl -s https://sile.com | grep ‘’< a href-\’http" | grep "Site-com- | cut -d "V" -f 2
  3. wget https://stte.com | grep "< a href=\*http" | grep "site.com"
  4. wgethttps://site.com | cut-d"http-

Answer(s): C



Don, a student, came across a gaming app in a third-party app store and Installed it. Subsequently, all the legitimate apps in his smartphone were replaced by deceptive applications that appeared legitimate. He also received many advertisements on his smartphone after Installing the app. What is the attack performed on Don in the above scenario?

  1. SMS phishing attack
  2. SIM card attack
  3. Agent Smith attack
  4. Clickjacking

Answer(s): C

Explanation:

Agent Smith Attack
Agent Smith attacks are carried out by luring victims into downloading and installing malicious apps designed and published by attackers in the form of games, photo editors, or other attractive tools from third-party app stores such as 9Apps. Once the user has installed the app, the core malicious code inside the application infects or replaces the legitimate apps in the victim's mobile device C&C commands. The deceptive application replaces legitimate apps such as WhatsApp, SHAREit, and MX Player with similar infected versions. The application sometimes also appears to be an authentic Google product such as Google Updater or Themes. The attacker then produces a massive volume of irrelevant and fraudulent advertisements on the victim's device through the infected app for financial gain. Attackers exploit these apps to steal critical information such as personal information, credentials, and bank details, from the victim's mobile device through C&C commands.



Viewing page 4 of 102
Viewing questions 16 - 20 out of 736 questions



Post your Comments and Discuss EC-Council 312-50V10 exam prep with other Community members:

Join the 312-50V10 Discussion