Certified Ethical Hacker v10 Exam

Here you have the best EC-Council 312-50v10 practice exam questions

  • You have 203 total questions to study from
  • Each page has 5 questions, making a total of 41 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on December 3, 2024
Question 1 of 203

An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?

    Correct Answer: B

    The individual performed tailgating. Tailgating is the act of an unauthorized person gaining access to a building or secured area by closely following an authorized person through a secure entrance without the knowledge or consent of the authorized person. It commonly involves exploiting the security procedure of a door being held open for someone following behind. In contrast, piggybacking typically implies that the authorized person is aware and permits the unauthorized person to enter.

Question 2 of 203

Which of the following is the best countermeasure to encrypting ransomwares?

    Correct Answer: B

    The best countermeasure to encrypting ransomware is to keep some generation of off-line backup. This allows recovery of data without paying the ransom or relying on decrypting the virus itself. Off-line backups are not accessible by the ransomware, thereby providing a safe repository of your data that can be restored in the event of an attack.

Question 3 of 203

If an attacker uses the command SELECT*FROM user WHERE name = "˜x' AND userid IS NULL; --"˜; which type of SQL injection attack is the attacker performing?

    Correct Answer: A

    In this scenario, the attacker is using an End of Line Comment to nullify the rest of the SQL query. This technique is employed by injecting comments after the input to ignore the remaining legitimate query code. By using the ' -- ' sequence, any following text will be treated as a comment and thus not executed, which can be leveraged to manipulate the SQL query for malicious purposes.

Question 4 of 203

Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her?

    Correct Answer: A

    Full Disk encryption is the best protection for Sophia's laptop containing confidential documents. This method encrypts the entire hard drive, rendering the data inaccessible to unauthorized users even if they physically possess the laptop. Unlike BIOS passwords, hidden folders, or password protected files—which can all be bypassed or cracked with relative ease—full disk encryption ensures that the data remains secure and unreadable without the proper decryption key.

Question 5 of 203

An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", that the user is directed to a phishing site.

Which file does the attacker need to modify?

    Correct Answer: D

    The file that the attacker needs to modify is the Hosts file. By editing the Hosts file, an attacker can specify custom mappings between domain names and IP addresses. This means they can redirect traffic intended for a legitimate site like 'www.MyPersonalBank.com' to a malicious phishing site by setting the desired IP address in the Hosts file. Typically, the Hosts file is located in the system directory (e.g., C:\Windows\System32\drivers\etc\hosts on Windows) and overrides DNS resolution, ensuring the specified mappings take precedence.