EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 15, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 261:

    Employees in a company are no longer able to access Internet web sites on their computers. The network administrator is able to successfully ping IP address of web servers on the Internet and is able to open web sites by using an IP address in place of the URL. The administrator runs the nslookup command for www.eccouncil.org and receives an error message stating there is no response from the server. What should the administrator do next?

    A. Configure the firewall to allow traffic on TCP ports 53 and UDP port 53.
    B. Configure the firewall to allow traffic on TCP ports 80 and UDP port 443.
    C. Configure the firewall to allow traffic on TCP port 53.
    D. Configure the firewall to allow traffic on TCP port 8080.

  • Question 262:

    Which set of access control solutions implements two-factor authentication?

    A. USB token and PIN
    B. Fingerprint scanner and retina scanner
    C. Password and PIN
    D. Account and password

  • Question 263:

    Which of the statements concerning proxy firewalls is correct?

    A. Proxy firewalls increase the speed and functionality of a network.
    B. Firewall proxy servers decentralize all activity for an application.
    C. Proxy firewalls block network packets from passing to and from a protected network.
    D. Computers establish a connection with a proxy firewall which initiates a new network connection for the client.

  • Question 264:

    Which of the following is a detective control?

    A. Smart card authentication
    B. Security policy
    C. Audit trail
    D. Continuity of operations plan

  • Question 265:

    What file system vulnerability does the following command take advantage of?

    type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe

    A. HFS
    B. ADS
    C. NTFS
    D. Backdoor access

  • Question 266:

    Basically, there are two approaches to network intrusion detection: signature detection, and anomaly detection. The signature detection approach utilizes well-known signatures for network traffic to identify potentially malicious traffic. The anomaly detection approach utilizes a previous history of network traffic to search for patterns that are abnormal, which would indicate an intrusion. How can an attacker disguise his buffer overflow attack signature such that there is a greater probability of his attack going undetected by the IDS?

    A. He can use a shellcode that will perform a reverse telnet back to his machine
    B. He can use a dynamic return address to overwrite the correct value in the target machine computer memory
    C. He can chain NOOP instructions into a NOOP "sled" that advances the processor's instruction pointer to a random place of choice
    D. He can use polymorphic shell code-with a tool such as ADMmutate - to change the signature of his exploit as seen by a network IDS

  • Question 267:

    Take a look at the following attack on a Web Server using obstructed URL:

    How would you protect from these attacks?

    A. Configure the Web Server to deny requests involving "hex encoded" characters
    B. Create rules in IDS to alert on strange Unicode requests
    C. Use SSL authentication on Web Servers
    D. Enable Active Scripts Detection at the firewall and routers

  • Question 268:

    Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented fashion?

    A. Regulatory compliance
    B. Peer review
    C. Change management
    D. Penetration testing

  • Question 269:

    Here is the ASCII Sheet.

    You want to guess the DBO username juggyboy (8 characters) using Blind SQL Injection technique. What is the correct syntax?

    A. Option A
    B. Option B
    C. Option C
    D. Option D

  • Question 270:

    Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall?

    A. UDP 123
    B. UDP 541
    C. UDP 514
    D. UDP 415

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.