EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 15, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 221:

    Which one of the following network attacks takes advantages of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?

    A. Teardrop
    B. Smurf
    C. Ping of Death
    D. SYN flood
    E. SNMP Attack

  • Question 222:

    Study the following exploit code taken from a Linux machine and answer the questions below:

    echo "ingreslock stream tcp nowait root /bin/sh sh " > /tmp/x;

    /usr/sbin/inetd /tmp/x;

    sleep 10;

    /bin/ rm /tmp/x AAAA...AAA

    In the above exploit code, the command "/bin/sh sh " is given.

    What is the purpose, and why is `sh' shown twice?

    A. The command /bin/sh sh appearing in the exploit code is actually part of an inetd configuration file.
    B. The length of such a buffer overflow exploit makes it prohibitive for user to enter manually. The second `sh' automates this function.
    C. It checks for the presence of a codeword (setting the environment variable) among the environment variables.
    D. It is a giveaway by the attacker that he is a script kiddy.

  • Question 223:

    Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?

    A. Sarbanes-Oxley Act (SOX)
    B. Gramm-Leach-Bliley Act (GLBA)
    C. Fair and Accurate Credit Transactions Act (FACTA)
    D. Federal Information Security Management Act (FISMA)

  • Question 224:

    What two things will happen if a router receives an ICMP packet, which has a TTL value of 1, and the destination host is several hops away? (Select 2 answers)

    A. The router will discard the packet
    B. The router will decrement the TTL value and forward the packet to the next router on the path to the destination host
    C. The router will send a time exceeded message to the source host
    D. The router will increment the TTL value and forward the packet to the next router on the path to the destination host.
    E. The router will send an ICMP Redirect Message to the source host

  • Question 225:

    Bluetooth uses which digital modulation technique to exchange information between paired devices?

    A. PSK (phase-shift keying)
    B. FSK (frequency-shift keying)
    C. ASK (amplitude-shift keying)
    D. QAM (quadrature amplitude modulation)

  • Question 226:

    E-mail tracking is a method to monitor and spy the delivered e-mails to the intended recipient.

    Select a feature, which you will NOT be able to accomplish with this probe?

    A. When the e-mail was received and read
    B. Send destructive e-mails
    C. GPS location and map of the recipient
    D. Time spent on reading the e-mails
    E. Whether or not the recipient visited any links sent to them
    F. Track PDF and other types of attachments
    G. Set messages to expire after specified time
    H. Remote control the User's E-mail client application and hijack the traffic

  • Question 227:

    Which definition below best describes a covert channel?

    A. A server program using a port that is not well known
    B. Making use of a protocol in a way it was not intended to be used
    C. It is the multiplexing taking place on a communication link
    D. It is one of the weak channels used by WEP that makes it insecure

  • Question 228:

    How can a rootkit bypass Windows 7 operating system's kernel mode, code signing policy?

    A. Defeating the scanner from detecting any code change at the kernel
    B. Replacing patch system calls with its own version that hides the rootkit (attacker's) actions
    C. Performing common services for the application process and replacing real applications with fake ones
    D. Attaching itself to the master boot record in a hard drive and changing the machine's boot sequence/options

  • Question 229:

    What flags are set in a X-MAS scan?(Choose all that apply.

    A. SYN
    B. ACK
    C. FIN
    D. PSH
    E. RST
    F. URG

  • Question 230:

    Bob is a very security conscious computer user. He plans to test a site that is known to have malicious applets, code, and more. Bob always make use of a basic Web Browser to perform such testing. Which of the following web browser can adequately fill this purpose?

    A. Internet Explorer
    B. Mozila
    C. Lynx
    D. Tiger

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.