Ceh 312 50v11 Certified Ethical Hacker V11 Exam Practice Test - Set 1

Test your knowledge with this Ceh 312 50v11 Certified Ethical Hacker V11 Exam mock exam. Get real-world IT questions and prepare for certification success.

312-50v11: Certified Ethical Hacker v11 (CEH v11) - Exam Information

Exam Information

Exam Code

Ceh 312 50v11 Certified Ethical Hacker V11 Exam

Exam Title

312-50v11: Certified Ethical Hacker v11 (CEH v11)

Vendor

CEH

Difficulty

Advanced

Duration

4 Hours

Question Format

Multiple Choice

Last Updated

March 10, 2025

The latest version of CEH covering modern attack vectors and cybersecurity methodologies.

Practice Test

Shop Best 312-50v11: Certified Ethical Hacker v11 (CEH v11) Resources Worldwide Amazon

1. Which of the following is a common password cracking technique?

Brute force attack
Packet sniffing
Port scanning
IP spoofing

2. What is social engineering in cybersecurity?

Manipulating individuals to reveal confidential information
Using software vulnerabilities to gain access
Intercepting network traffic
Exploiting unpatched systems

3. Which tool is commonly used for network scanning?

Nmap
Wireshark
Metasploit
John the Ripper

4. What is the primary purpose of a firewall?

To block unauthorized access to a network
To encrypt sensitive data
To crack passwords
To intercept network traffic

5. Which attack involves intercepting communication between two parties?

Man-in-the-Middle (MITM)
Phishing
SQL Injection
Denial of Service (DoS)

6. What is the purpose of a vulnerability scanner?

To identify security weaknesses in a system
To exploit vulnerabilities
To intercept network traffic
To crack passwords

7. Which protocol is commonly exploited in DNS spoofing attacks?

DNS
HTTP
HTTPS
FTP

8. What is the primary goal of a Denial of Service (DoS) attack?

To overwhelm a system and make it unavailable
To steal sensitive data
To intercept network traffic
To crack passwords

9. Which tool is used for password cracking?

John the Ripper
Nmap
Wireshark
Metasploit

10. What is the purpose of a honeypot?

To detect and analyze attacks
To block unauthorized access
To encrypt sensitive data
To crack passwords

11. Which attack involves injecting malicious SQL queries into an application?

SQL Injection
Phishing
MITM
DoS

12. What is the purpose of a rootkit?

To gain unauthorized access and hide malicious activity
To encrypt sensitive data
To intercept network traffic
To crack passwords

13. Which tool is used for packet sniffing?

Wireshark
Nmap
Metasploit
John the Ripper

14. What is the purpose of a buffer overflow attack?

To execute arbitrary code by overwriting memory
To intercept network traffic
To crack passwords
To encrypt sensitive data

15. Which attack involves tricking users into revealing sensitive information?

Phishing
SQL Injection
MITM
DoS

16. What is the purpose of a vulnerability assessment?

To identify and prioritize security weaknesses
To exploit vulnerabilities
To intercept network traffic
To crack passwords

17. Which tool is used for exploiting vulnerabilities?

Metasploit
Nmap
Wireshark
John the Ripper

18. What is the purpose of a reverse shell?

To gain remote control of a target system
To intercept network traffic
To crack passwords
To encrypt sensitive data

19. Which attack involves overwhelming a system with traffic?

Denial of Service (DoS)
Phishing
SQL Injection
MITM

20. What is the primary goal of ethical hacking?

To secure IT systems by finding and fixing vulnerabilities
To exploit vulnerabilities for personal gain
To disable security features
To create new hacking tools

21. Which tool is commonly used for DNS enumeration?

nslookup
Wireshark
Metasploit
John the Ripper

22. What is the primary purpose of WHOIS lookups?

Gather domain registration information
Scan network ports
Crack passwords
Analyze malware

23. Which Google search operator finds specific filetypes?

filetype:
site:
inurl:
intitle:

24. What does traceroute help identify?

Network path to a target
Open ports
Vulnerabilities
Password hashes

25. Which technique gathers information from social media?

OSINT
Port scanning
Packet sniffing
Brute forcing

26. What does a SYN scan determine?

Port status without completing connection
Service versions
OS information
Network bandwidth

27. Which Nmap flag enables OS detection?

-O
-sS
-p
-A

28. What is the purpose of hping?

Craft custom network packets
Analyze malware
Crack passwords
Exploit vulnerabilities

29. Which protocol does ping use?

ICMP
TCP
UDP
HTTP

30. What does a NULL scan attempt to identify?

Firewall configuration
User accounts
Network speed
Encryption methods

31. Which tool enumerates Windows shares?

enum4linux
Nmap
Wireshark
Metasploit

32. What does SNMP enumeration reveal?

Network device information
Encrypted passwords
Web vulnerabilities
Malware signatures

33. Which port does LDAP typically use?

389
80
443
22

34. What is the purpose of NetBIOS enumeration?

Discover Windows network resources
Crack passwords
Scan ports
Analyze traffic

35. Which tool enumerates web server directories?

DirBuster
John
Aircrack-ng
Snort

36. Where does Windows store password hashes?

SAM file
Registry
Temp folder
System32

37. Which tool extracts password hashes from memory?

Mimikatz
Wireshark
Nmap
Burp Suite

38. What is the purpose of a rainbow table?

Speed up password cracking
Encrypt data
Scan networks
Analyze malware

39. Which registry hive contains user-specific settings?

HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
HKEY_CLASSES_ROOT
HKEY_USERS

40. What is privilege escalation?

Gaining higher-level access
Encrypting files
Scanning networks
Analyzing logs

41. What is the primary characteristic of a rootkit?

Hides its presence
Encrypts files
Spreads through email
Displays ads

42. Which malware type demands payment?

Ransomware
Spyware
Adware
Worm

43. What does a Trojan horse do?

Disguises as legitimate software
Self-replicates
Infects boot sectors
Spreads through networks

44. Which tool analyzes malware behavior?

Cuckoo Sandbox
Nmap
Wireshark
Metasploit

45. What is the purpose of a botnet?

Execute coordinated attacks
Encrypt communications
Scan for vulnerabilities
Analyze network traffic

46. Which attack intercepts network traffic?

Man-in-the-middle
DDoS
SQL injection
Phishing

47. What does ARP spoofing accomplish?

Redirect network traffic
Encrypt data
Crack passwords
Scan ports

48. Which tool captures network packets?

Wireshark
John
Hydra
Sqlmap

49. What is the purpose of MAC flooding?

Overwhelm switch CAM tables
Encrypt traffic
Prevent sniffing
Accelerate networks

50. Which protocol is vulnerable to sniffing?

FTP
HTTPS
SSH
SFTP

51. What is pretexting in social engineering?

Creating fake scenarios
Sending mass emails
Exploiting software bugs
Cracking passwords

52. Which tool creates phishing pages?

SET (Social Engineering Toolkit)
Metasploit
Nmap
Wireshark

53. What is tailgating?

Physical access by following someone
Network eavesdropping
Password cracking
Email spoofing

54. Which attack uses phone calls?

Vishing
Phishing
Smishing
Pharming

55. What is the primary defense against social engineering?

Security awareness training
Firewalls
Antivirus
Encryption

56. What is the difference between DoS and DDoS?

Multiple attack sources
Attack duration
Target systems
Exploited vulnerabilities

57. Which tool performs stress testing?

LOIC
Nmap
Metasploit
Wireshark

58. What is a SYN flood attack?

Exploits TCP handshake
Overflows buffers
Exhausts bandwidth
Corrupts packets

59. Which attack targets application layers?

HTTP flood
Ping of death
Smurf attack
UDP flood

60. What is the primary defense against DDoS?

Traffic filtering
Strong passwords
Encryption
Antivirus

61. What is session fixation?

Setting session ID before login
Stealing cookies
Brute-forcing credentials
Exploiting buffer overflows

62. Which tool performs MITM attacks?

Ettercap
Hydra
John
Sqlmap

63. What is the primary defense against session hijacking?

HTTPS and secure cookies
Firewalls
Antivirus
Encryption

64. Which attack steals session tokens?

XSS
SQLi
Phishing
DDoS

65. What does CSRF exploit?

Authenticated sessions
Network protocols
OS vulnerabilities
Physical access

66. Which tool tests for SQL injection?

Sqlmap
Metasploit
Nmap
Wireshark

67. What is the primary defense against XSS?

Input validation and output encoding
Firewalls
Antivirus
Encryption

68. Which attack manipulates file paths?

Directory traversal
CSRF
Phishing
DDoS

69. What is the purpose of Burp Suite?

Web application testing
Network scanning
Password cracking
Malware analysis

70. Which HTTP header prevents clickjacking?

X-Frame-Options
Content-Security-Policy
Strict-Transport-Security
X-XSS-Protection

71. Which encryption is weakest for WiFi?

WEP
WPA
WPA2
WPA3

72. What does an evil twin attack create?

Rogue access point
Duplicate packets
Fake certificates
Spoofed MAC addresses

73. Which tool cracks WPA handshakes?

Aircrack-ng
Wireshark
Nmap
Metasploit

74. What is wardriving?

Locating wireless networks
Cracking passwords
Sniffing traffic
Launching DDoS

75. Which attack targets WPS?

PIN brute-forcing
Packet injection
MAC spoofing
ARP poisoning

76. What is the purpose of the "shred" command in Linux?

Securely delete files
Encrypt disks
Crack passwords
Scan networks

77. Which tool is used for forensic disk imaging?

FTK Imager
Nmap
Metasploit
John the Ripper

78. What does a SIEM system do?

Centralize security monitoring
Encrypt communications
Block malware
Filter spam

79. Which security standard applies to payment card data?

PCI DSS
HIPAA
SOX
GDPR

80. What is the purpose of a bastion host?

Secure gateway between networks
Store backup files
Run antivirus scans
Monitor employee activity

81. Which tool is used for detecting intrusions?

Snort
Nmap
Metasploit
John the Ripper

82. What is the main risk of open wireless networks?

Eavesdropping
Slow speeds
Device incompatibility
Power consumption

83. Which type of attack exploits session tokens?

Session hijacking
Phishing
DDoS
SQL injection

84. What is the purpose of the "traceroute" command?

Map network path
Encrypt files
Crack passwords
Scan ports

85. Which security control prevents tailgating?

Mantrap
Firewall
Antivirus
VPN

86. What is the primary risk of USB drop attacks?

Malware infection
Data corruption
Hardware damage
Power surges

87. Which tool is used for web application security testing?

OWASP ZAP
Wireshark
Nmap
Aircrack-ng

88. What is the purpose of salting in password security?

Prevent rainbow table attacks
Encrypt passwords
Shorten passwords
Speed up authentication

89. Which type of attack targets DNS servers?

DNS poisoning
Phishing
SQL injection
Cross-site scripting

90. What is the purpose of the "chroot" command?

Restrict file system access
Encrypt disks
Crack passwords
Scan networks

91. Which security standard applies to healthcare data?

HIPAA
PCI DSS
SOX
GDPR

92. What is the primary purpose of a sandbox?

Isolate potentially malicious code
Store sensitive data
Monitor network traffic
Filter spam

93. Which tool is used for detecting wireless networks?

Kismet
Nmap
Metasploit
John the Ripper

94. What is the main risk of clickjacking?

Unauthorized actions through hidden UI elements
Malware infection
Data corruption
Network congestion

95. Which type of attack bypasses authentication?

Pass-the-hash
Phishing
DDoS
SQL injection

96. What is the purpose of the "dd" command?

Create disk images
Encrypt files
Crack passwords
Scan networks

97. Which security control prevents directory traversal?

Input validation
Firewalls
Antivirus
VPNs

98. What is the primary risk of RFID skimming?

Wireless credential theft
Malware infection
Data corruption
Network congestion

99. Which tool is used for analyzing network protocols?

Wireshark
Nmap
Metasploit
John the Ripper

100. What is the purpose of a write blocker in forensics?

Prevent evidence tampering
Encrypt disks
Crack passwords
Scan networks

101. Which security framework focuses on cloud computing?

CSA STAR
ISO 27001
NIST CSF
COBIT

102. What is the primary purpose of a VPN?

Secure remote access
Block malware
Filter spam
Monitor employees

103. Which tool is used for steganography analysis?

Stegdetect
Nmap
Metasploit
John the Ripper

104. What is the main risk of insufficient logging?

Difficulty investigating incidents
Malware infection
Data corruption
Network congestion

105. Which type of attack exploits buffer overflows?

Stack smashing
Phishing
DDoS
ARP spoofing

106. What is the purpose of the "file" command?

Identify file types
Encrypt files
Crack passwords
Scan networks

107. Which security control prevents MITM attacks?

Certificate pinning
Firewalls
Antivirus
VPNs

108. What is the primary risk of insufficient entropy?

Weak cryptographic keys
Malware infection
Data corruption
Network congestion

109. Which tool is used for analyzing PDF files?

PDFid
Wireshark
Nmap
Burp Suite

110. What is the purpose of a hardware security module?

Secure cryptographic operations
Speed up processing
Extend battery life
Improve graphics

111. Which security standard applies to EU data protection?

GDPR
HIPAA
PCI DSS
SOX

112. What is the primary purpose of a WAF?

Protect web applications
Block spam
Monitor employees
Filter network traffic

113. Which tool is used for analyzing Windows event logs?

Event Viewer
Nmap
Metasploit
John the Ripper

114. What is the main risk of insufficient input validation?

Injection attacks
Malware infection
Data corruption
Network congestion

115. Which type of attack exploits race conditions?

TOCTOU
Phishing
DDoS
SQL injection

116. What is the purpose of the "grep" command?

Search text patterns
Encrypt files
Crack passwords
Scan networks

117. Which security control prevents insecure direct object references?

Access control checks
Firewalls
Antivirus
VPNs

118. What is the primary risk of deprecated protocols?

Known vulnerabilities
Slow performance
Incompatibility
High cost

119. Which tool is used for analyzing registry hives?

RegRipper
Wireshark
Nmap
Burp Suite

120. What is the purpose of a TOTP token?

Two-factor authentication
Encrypt files
Crack passwords
Scan networks

The Ceh 312 50v11 Certified Ethical Hacker V11 Exam certification is a globally recognized credential for IT professionals. This practice test helps you prepare by covering key topics like hardware, networking, troubleshooting, and security.

Want more practice? Check out our other mock exams:

Ceh Certified Ethical Hacker V
Ceh Ec Ethical Hacking And Countermeasures V
Ceh Certified Ethical Hacker V Exam
Ceh Ec Ethical Hacking And Countermeasures V
Ceh Certified Ethical Hacker Exam V
Ceh Certified Ethical Hacker V Exam

Support

📧 Email Support ❓ FAQ 📞 Contact Us

Legal

📄 Terms & Refund Policy 🔒 Privacy Policy ⚖️ DMCA

Company

👥 About Us 🗺️ Sitemap

Connect With Us

Follow for IT lab tutorials & certification updates

© 2025 ITCertRocket.com - Hands-On IT Lab Exercises & Certification Prep. All rights reserved.