EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 15, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 211:

    Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web site during work hours, without any consideration for others. Neil knows that he has an up-to- date content filtering system and such access should not be authorized. What type of technique might be used by these offenders to access the Internet without restriction?

    A. They are using UDP that is always authorized at the firewall
    B. They are using HTTP tunneling software that allows them to communicate with protocols in a way it was not intended
    C. They have been able to compromise the firewall, modify the rules, and give themselves proper access
    D. They are using an older version of Internet Explorer that allow them to bypass the proxy server

  • Question 212:

    How would you describe a simple yet very effective mechanism for sending and receiving unauthorized information or data between machines without alerting any firewalls and IDS's on a network?

    A. Covert Channel
    B. Crafted Channel
    C. Bounce Channel
    D. Deceptive Channel

  • Question 213:

    Once an intruder has gained access to a remote system with a valid username and password, the attacker will attempt to increase his privileges by escalating the used account to one that has increased privileges. such as that of an administrator. What would be the best countermeasure to protect against escalation of priveges?

    A. Give users tokens
    B. Give user the least amount of privileges
    C. Give users two passwords
    D. Give users a strong policy document

  • Question 214:

    If you receive a RST packet while doing an ACK scan, it indicates that the port is open.(True/False).

    A. True
    B. False

  • Question 215:

    Which is the right sequence of packets sent during the initial TCP three way handshake?

    A. FIN, FIN-ACK, ACK
    B. SYN, URG, ACK
    C. SYN, ACK, SYN-ACK
    D. SYN, SYN-ACK, ACK

  • Question 216:

    Which of the following tool would be considered as Signature Integrity Verifier (SIV)?

    A. Nmap
    B. SNORT
    C. VirusSCAN
    D. Tripwire

  • Question 217:

    You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles. You know that conventional hacking doesn't work in this case, because organizations such as banks are generally tight and secure when it comes to protecting their systems. In other words you are trying to penetrate an otherwise impenetrable system. How would you proceed?

    A. Look for "zero-day" exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the bank's network
    B. Try to hang around the local pubs or restaurants near the bank, get talking to a poorly- paid or disgruntled employee, and offer them money if they'll abuse their access privileges by providing you with sensitive information
    C. Launch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000 or more "zombies" and "bots"
    D. Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank's Webserver to that of your machine using DNS Cache Poisoning techniques

  • Question 218:

    NSLookup is a good tool to use to gain additional information about a target network. What does the following command accomplish? nslookup

    > server

    > set type =any

    > ls -d

    A. Enables DNS spoofing
    B. Loads bogus entries into the DNS table
    C. Verifies zone security
    D. Performs a zone transfer
    E. Resets the DNS cache

  • Question 219:

    What is Hunt used for?

    A. Hunt is used to footprint networks
    B. Hunt is used to sniff traffic
    C. Hunt is used to hack web servers
    D. Hunt is used to intercept traffic i.e. man-in-the-middle traffic
    E. Hunt is used for password cracking

  • Question 220:

    What are the main drawbacks for anti-virus software?

    A. AV software is difficult to keep up to the current revisions.
    B. AV software can detect viruses but can take no action.
    C. AV software is signature driven so new exploits are not detected.
    D. It's relatively easy for an attacker to change the anatomy of an attack to bypass AV systems
    E. AV software isn't available on all major operating systems platforms.
    F. AV software is very machine (hardware) dependent.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.