Certified Ethical Hacker v11 Exam

Here you have the best ECCouncil 312-50v11 practice exam questions

  • You have 400 total questions across 80 pages (5 per page)
  • These questions were last updated on February 18, 2026
  • This site is not affiliated with or endorsed by ECCouncil.
Question 1 of 400
While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?
Answer

Suggested Answer

The suggested answer is C.

The described scenario indicates a Cross-Site Request Forgery (CSRF) attack. CSRF exploits authenticated sessions by tricking a user into making unauthorized requests. In this case, the user was logged into their online banking and clicked on a link that initiated a malicious request, resulting in unauthorized activity on their bank account. This type of attack leverages the user's active session with the trusted site to perform actions without the user's explicit consent.

Community Votes17 votes
CSuggested
76%
A
24%
Question 2 of 400
Which service in a PKI will vouch for the identity of an individual or company?
Answer

Suggested Answer

The suggested answer is D.

In a Public Key Infrastructure (PKI), the Certification Authority (CA) is the service responsible for vouching for the identity of individuals, companies, or entities. The CA issues digital certificates that bind a public key to a specific identity, effectively verifying and vouching for its authenticity. This ensures the trustworthiness of the parties involved in digital communications and transactions.

Community Votes12 votes
DSuggested
100%
Question 3 of 400
Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.
Answer

Suggested Answer

The suggested answer is B.

The correct answer is Cross-Site Scripting (XSS). XSS attacks involve exploiting vulnerabilities in web applications to inject malicious client-side scripts into web pages that other users view. This allows attackers to execute code within the context of a victim's browser, potentially stealing information or performing actions on behalf of the victim without their consent.

Community Votes10 votes
BSuggested
100%
Question 4 of 400
User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI layer does the encryption and decryption of the message take place?
Answer

Suggested Answer

The suggested answer is D.

The encryption and decryption of the message take place at the Presentation layer of the OSI model. This layer is responsible for translating data between the application layer and the network format, which includes activities such as data encryption and decryption to ensure secure communication.

Community Votes10 votes
DSuggested
90%
A
10%
Question 5 of 400
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?
Answer

Suggested Answer

The suggested answer is A.

A possible source of the problem is that the Wireless Access Point (WAP) does not recognize the client's MAC address. MAC address filtering is a security feature used on many wireless networks to restrict access based on the MAC addresses of devices. If the WAP has MAC address filtering enabled and the client’s MAC address is not on the allowed list, the WAP will ignore the client’s association requests even though the client can see the network.

Community Votes4 votes
ASuggested
100%

About the ECCouncil 312-50v11 Certification Exam

About the Exam

The ECCouncil 312-50v11 (Certified Ethical Hacker v11 Exam) validates your knowledge and skills. Passing demonstrates proficiency and can boost your career prospects in the field.

How to Prepare

Work through all 400 practice questions across 80 pages. Focus on understanding the reasoning behind each answer rather than memorizing responses to be ready for any variation on the real exam.

Why Practice Exams?

Practice exams help you familiarize yourself with the question format, manage your time, and reduce anxiety on the test day. Our 312-50v11 questions are regularly updated to reflect the latest exam objectives.