About ECCouncil 312-50v10 Exam
EC-Council 312-50v10 is a codename of the qualifying exam associated with the Certified Ethical Hacker (CEH) certification. This certificate is designed to help the cybersecurity professionals develop their competency in the fundamentals of ethical hacking, including information security threats & attack vectors, attack detection & prevention, techniques, procedures. Passing the 312-50v10 test allows you to validate your expertise in the major hacking practices, such as reconnaissance & footprinting, system hacking, scanning networks, enumeration, Trojans, viruses, worms, social engineering, SQL injection, session hijacking, evading IDS, hacking web applications, web servers, wireless networks, and cryptography, among others.
The EC-Council 312-50v10 exam is intended for anyone interested in network integrity and seeking to master hacking technologies. These individuals can be the systems administrators, network administrators and engineers, web managers, auditors, and security professionals in general.
Eligibility Process and Exam Overview
The candidates have two ways of obtaining the EC-Council CEH certification. The first option implies that you attend the official training course before attempting the prerequisite exam. The training can be taken either via its iClass platform, an accredited training center, or an authorized academic institution on a paid basis. Once you have completed your course, you become eligible for the EC-Council 312-50v10 test. In this case, no fee will be charged as the course fee actually includes the cost of the exam.
Alternatively, you can take the certification exam without attending formal training. This is where the EC-Council eligibility application process comes in. To meet the eligibility criteria, you need to have at least 2 years of experience in the cybersecurity field. You must also submit the completed Exam Eligibility Application Form and get approval from EC-Council. After receiving the authorization from the vendor, you will be required to pay a nonrefundable eligibility application fee of $100.
The EC-Council 312-50v10 test lasts for 4 hours and consists of 125 multiple-choice questions. The passing score is subject to change and is different for each exam delivery. EC-Council has the procedure for identifying the difficulty rate for each exam question. The individual question rating contributes to the general pass mark. Depending on the complexity of the certification test, the score can vary from 60% to 85%. The exam for the CEH certificate can be taken either at the ECC Exam Centre or any center offered by Pearson VUE.
Exam Outline in Detail
The EC-Council 312-50v10 exam measures the candidates’ competence in a wide range of hacking techniques that are grouped into 20 modules. Here they are:
Module 1: Introduction to Ethical Hacking
This topic includes one’s understanding of current security trends; familiarity with cybersecurity elements; awareness of cybersecurity threats & attack vectors; knowledge of hacking types, concepts, as well as phases; familiarity with ethical hacking scope and concepts; understanding of cybersecurity management & defense-in-depth; knowledge of procedures, policies, as well as awareness; awareness of physical security & controls; grasp of incidence management processes; knowledge of vulnerability evaluation as well as penetration testing; familiarity with cybersecurity acts and laws.
Module 2: Footprinting & Reconnaissance
Here the applicants need to demonstrate their competency in footprinting principles; footprinting via search engines; footprinting with the help of advanced Google hacking methods; footprinting via social networks; understanding various methods for website footprinting; understanding various methods for email footprinting; understanding various methods of competitive intelligence; understanding various methods for WHO IS footprinting; understanding various methods for network footprinting; understanding various methods of footprinting via social engineering; footprinting tools & countermeasures; footprinting Pen Testing.
Module 3: Scanning Networks
This section requires the individuals’ skills in networking scanning; applying various methods to check for Live Systems; applying various methods to check for Open Ports; applying various scanning methods; applying different IDS Evasion methods; applying banner grabbing; implementing vulnerability scanning; drawing network diagrams; utilizing Proxies and Anonymizer for an attack; applying IP Spoofing and different detection methods; scanning and Pen Testing.
Module 4: Enumeration
The objective covers your knowledge of enumeration concepts; various methods for NetBIOS enumeration; various methods for SNMP enumeration; various methods for LDAP enumeration various methods for NTP enumeration; various methods DNS and SMTP enumeration countermeasures; enumeration PEN testing.
Module 5: Vulnerability Evaluation
Within this module, the examinees must have expertise in management lifecycle vulnerability; various techniques for vulnerability analysis; tools utilized to execute vulnerability evaluation; vulnerability analysis techniques & tools.
Module 6: System Hacking
The domain encompasses the learners’ understanding of the CEH hacking methodology; familiarity with various techniques to access the system; awareness of privilege escalation methods; understanding of various methods to sustain remote access to the system; familiarity with Rootkits different types; awareness of Steganalysis and Steganograpy; familiarity with the methods of concealing evidence of compromise; understanding of system hacking penetration testing.
Module 7: Malware Threats
To tackle the questions associated with this subject, the applicants must be conversant with the basic malware and malware propagation methods; Trojans, their kinds, and how to infect systems; viruses, their kinds, and how they infect files; computer worms; malware analysis processes; various techniques to identify malware; malware countermeasures; malware penetration testing.
Module 8: Sniffing
Within this topic area, the test takers should have a good grasp of sniffing concepts; MAC attacks; DHCP attacks; ARP Poisoning; MAC Spoofing attacks; DNS poisoning; sniffing tools; sniffing countermeasures; various methods to identify sniffing; sniffing Pen Testing.
Module 9: Social Engineering
The section evaluates the examinees’ competency in social engineering; different social engineering methods; insider threats; impersonation on social networks; identity theft; social engineering countermeasures; identifying theft countermeasures; Social Engineering Pen Testing.
Module 10: Denial-of-Service
The domain requires comprehension of Denial of Service (DoS) as well as Distributed Denial-of-Service (DDoS) Attacks; various DoS & DDoS attack methods; botnet networks; different DoS and DDoS attack tools; DoS Attack Penetration Testing; DoS/DDoS countermeasures.
Module 11: Session Hijacking
In the framework of this subject area, the students need to demonstrate their understanding of session hijacking concepts; application level session hijacking; network level session hijacking; session hijacking tools; session hijacking penetration testing; session hijacking countermeasures.
Module 12: Avoiding IDS, Honeypots & Firewalls
To tackle the questions from this module, the individuals need to be aware of IDS, honeypot & firewall concepts as well as solutions; various methods to bypass IDS; various methods to bypass firewalls; Firewall/IDS evading tools; various methods to identify honeypots; Firewall/IDS evasion countermeasures; Firewall/IDS penetration testing.
Module 13: Hacking Web Servers
The objective includes your understanding of webserver concepts, attacks, attack tools, attack methodology; countermeasures contrary to webserver attacks; Patch Management; webserver security tools; webserver penetration testing.
Module 14: Hacking Web Applications
This section checks the candidates’ knowledge of web application concepts; web application threats; web application hacking techniques; web application hacking tools; web application countermeasures; web application security tools; penetration testing of the web application.
Module 15: SQL Injection
The domain requires one’s understanding of SQL injection concepts; different kinds of SQL injection attacks; SQL injection methodology; SQL injection tools; various IDS evasion methods; SQL injection detection tools; SQL injection countermeasures.
Module 16: Hacking Wireless Networks
This module focuses on wireless concepts; wireless encryption algorithms; wireless threats; wireless hacking methodology; wireless hacking tools; Bluetooth hacking methods; wireless hacking countermeasures; wireless security tools; wireless penetration testing.
Module 17: Hacking Mobile Platforms
Within this topic, the test takers need to have a solid understanding of mobile attack platform vectors; different android threat & attacks; different iOS threats & attacks; different Windows Phone OS threats & attacks; different blackberry threats & attacks; Mobile Device Management (MDM); mobile security guidelines & security tools; mobile penetration testing.
Module 18: IoT Hacking
This area includes the learners’ knowledge of IoT concepts; cryptography tools; IoT security tools; different IoT threats & attacks; IoT hacking.
Module 19: Cloud Computing
This domain requires your familiarity with Cloud computing concepts; Cloud computing threats; Cloud computing attacks; Cloud computing security; Cloud computing security tools; Cloud penetration testing.
Module 20: Cryptography
This subject covers the applicants’ understanding of cryptography concepts, algorithms, tools; familiarity with Public Key Infrastructure (PKI); understanding of email encryption; familiarity with disk encryption; understanding of Cryptography attacks; knowledge of cryptanalysis tools.
Related Positions and Possible Paycheck
Your successful completion of the EC-Council 312-50v10 exam leads you to the CEH certification. By adding this certificate to your resume, you can demonstrate to your potential employer that you have the sufficient expertise required to perform a network infrastructure inspection with the owner's permission to detect possible security vulnerabilities that a hacker could leverage.
The EC-Council CEH certification opens the doors to limitless employment opportunities. The job roles that the certified specialists can hold include:
- Security Analyst
- Network Engineer
- Cyber Warning Analyst
- Information Security Manager
- Solution Architect
- Cyber Defense Analyst
- Network Security Engineer
- Cybersecurity Engineer
- Cybersecurity Consultant
- Vulnerability Assessment Analyst
Moreover, the CEH certification brings you the income benefits. The average salary for the certificate holders amounts to $92,308 annually, according to PayScale. Depending on the specific job title of an individual, the type of the organization he/she works for, and his/her level of experience, this figure can be much higher. For instance, the average salary for a Cybersecurity Engineer is about $106,000 per year, while the average income of an Information Security Manager is approximately $118,000 per annum.