EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 15, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 191:

    Which of the following are valid types of rootkits? (Choose three.)

    A. Hypervisor level
    B. Network level
    C. Kernel level
    D. Application level
    E. Physical level
    F. Data access level

  • Question 192:

    StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use _____ defense against buffer overflow attacks.

    A. Canary
    B. Hex editing
    C. Format checking
    D. Non-executing stack

  • Question 193:

    Windows LAN Manager (LM) hashes are known to be weak. Which of the following are known weaknesses of LM? (Choose three)

    A. Converts passwords to uppercase.
    B. Hashes are sent in clear text over the network.
    C. Makes use of only 32 bit encryption.
    D. Effective length is 7 characters.

  • Question 194:

    You are trying to package a RAT Trojan so that Anti-Virus software will not detect it. Which of the listed technique will NOT be effective in evading Anti-Virus scanner?

    A. Convert the Trojan.exe file extension to Trojan.txt disguising as text file
    B. Break the Trojan into multiple smaller files and zip the individual pieces
    C. Change the content of the Trojan using hex editor and modify the checksum
    D. Encrypt the Trojan using multiple hashing algorithms like MD5 and SHA-1

  • Question 195:

    When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?

    A. Network tap
    B. Layer 3 switch
    C. Network bridge
    D. Application firewall

  • Question 196:

    Jason's Web server was attacked by a trojan virus. He runs protocol analyzer and notices that the trojan communicates to a remote server on the Internet. Shown below is the standard "hexdump" representation of the network packet, before being decoded. Jason wants to identify the trojan by looking at the destination port number and mapping to a trojan-port number database on the Internet. Identify the remote server's port number by decoding the packet?

    A. Port 1890 (Net-Devil Trojan)
    B. Port 1786 (Net-Devil Trojan)
    C. Port 1909 (Net-Devil Trojan)
    D. Port 6667 (Net-Devil Trojan)

  • Question 197:

    Which of the following tools will scan a network to perform vulnerability checks and compliance auditing?

    A. NMAP
    B. Metasploit
    C. Nessus
    D. BeEF

  • Question 198:

    An NMAP scan of a server shows port 69 is open. What risk could this pose?

    A. Unauthenticated access
    B. Weak SSL version
    C. Cleartext login
    D. Web portal data leak

  • Question 199:

    Which of the following is NOT a reason 802.11 WEP encryption is vulnerable?

    A. There is no mutual authentication between wireless clients and access points
    B. Automated tools like AirSnort are available to discover WEP keys
    C. The standard does not provide for centralized key management
    D. The 24 bit Initialization Vector (IV) field is too small

  • Question 200:

    In which location, SAM hash passwords are stored in Windows 7?

    A. c:\windows\system32\config\SAM
    B. c:\winnt\system32\machine\SAM
    C. c:\windows\etc\drivers\SAM
    D. c:\windows\config\etc\SAM

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.