EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 15, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 161:

    Which of the following is an application that requires a host application for replication?

    A. Micro
    B. Worm
    C. Trojan
    D. Virus

  • Question 162:

    An attacker has been successfully modifying the purchase price of items purchased on the company's web site. The security administrators verify the web server and Oracle database have not been compromised directly. They have also verified the Intrusion Detection System (IDS) logs and found no attacks that could have caused this. What is the mostly likely way the attacker has been able to modify the purchase price?

    A. By using SQL injection
    B. By changing hidden form values
    C. By using cross site scripting
    D. By utilizing a buffer overflow attack

  • Question 163:

    Oregon Corp is fighting a litigation suit with Scamster Inc. Oregon has assigned a private investigative agency to go through garbage, recycled paper, and other rubbish at Scamster's office site in order to find relevant information. What would you call this kind of activity?

    A. CI Gathering
    B. Scanning
    C. Dumpster Diving
    D. Garbage Scooping

  • Question 164:

    A security engineer has been asked to deploy a secure remote access solution that will allow employees to connect to the company's internal network. Which of the following can be implemented to minimize the opportunity for the man-in-themiddle attack to occur?

    A. SSL
    B. Mutual authentication
    C. IPSec
    D. Static IP addresses

  • Question 165:

    How many bits encryption does SHA-1 use?

    A. 64 bits
    B. 128 bits
    C. 256 bits
    D. 160 bits

  • Question 166:

    Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation?

    A. Penetration testing
    B. Social engineering
    C. Vulnerability scanning
    D. Access control list reviews

  • Question 167:

    Which statement is TRUE regarding network firewalls preventing Web Application attacks?

    A. Network firewalls can prevent attacks because they can detect malicious HTTP traffic.
    B. Network firewalls cannot prevent attacks because ports 80 and 443 must be opened.
    C. Network firewalls can prevent attacks if they are properly configured.
    D. Network firewalls cannot prevent attacks because they are too complex to configure.

  • Question 168:

    What is the following command used for? net use \targetipc$ "" /u:""

    A. Grabbing the etc/passwd file
    B. Grabbing the SAM
    C. Connecting to a Linux computer through Samba.
    D. This command is used to connect as a null session
    E. Enumeration of Cisco routers

  • Question 169:

    Most cases of insider abuse can be traced to individuals who are introverted, incapable of dealing with stress or conflict, and frustrated with their job, office politics, and lack of respect or promotion. Disgruntled employees may pass company secrets and intellectual property to competitors for monitory benefits.

    Here are some of the symptoms of a disgruntled employee:

    A. Frequently leaves work early, arrive late or call in sick
    B. Spends time surfing the Internet or on the phone
    C. Responds in a confrontational, angry, or overly aggressive way to simple requests or comments
    D. Always negative; finds fault with everything These disgruntled employees are the biggest threat to enterprise security. How do you deal with these threats? (Select 2 answers)
    E. Limit access to the applications they can run on their desktop computers and enforce strict work hour rules
    F. By implementing Virtualization technology from the desktop to the data centre, organizations can isolate different environments with varying levels of access and security to various employees
    G. Organizations must ensure that their corporate data is centrally managed and delivered to users just and when needed
    H. Limit Internet access, e-mail communications, access to social networking sites and job hunting portals

  • Question 170:

    A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack?

    A. Forensic attack
    B. ARP spoofing attack
    C. Social engineering attack
    D. Scanning attack

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.