EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 07, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 61:

    When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?

    A. At least once a year and after any significant upgrade or modification
    B. At least once every three years or after any significant upgrade or modification
    C. At least twice a year or after any significant upgrade or modification
    D. At least once every two years and after any significant upgrade or modification

  • Question 62:

    A digital signature is simply a message that is encrypted with the public key instead of the private key.

    A. true
    B. false

  • Question 63:

    A denial of Service (DoS) attack works on the following principle:

    A. MS-DOS and PC-DOS operating system utilize a weaknesses that can be compromised and permit them to launch an attack easily.
    B. All CLIENT systems have TCP/IP stack implementation weakness that can be compromised and permit them to lunch an attack easily.
    C. Overloaded buffer systems can easily address error conditions and respond appropriately.
    D. Host systems cannot respond to real traffic, if they have an overwhelming number of incomplete connections (SYN/RCVD State).
    E. A server stops accepting connections from certain networks one those network become flooded.

  • Question 64:

    In Linux, the three most common commands that hackers usually attempt to Trojan are:

    A. car, xterm, grep
    B. netstat, ps, top
    C. vmware, sed, less
    D. xterm, ps, nc

  • Question 65:

    In the context of using PKI, when Sven wishes to send a secret message to Bob, he looks up Bob's public key in a directory, uses it to encrypt the message before sending it off. Bob then uses his private key to decrypt the message and reads it. No one listening on can decrypt the message.

    Anyone can send an encrypted message to Bob but only Bob can read it. Thus, although many people may know Bob's public key and use it to verify Bob's signature, they cannot discover Bob's private key and use it to forge digital signatures.

    What does this principle refer to?

    A. Irreversibility
    B. Non-repudiation
    C. Symmetry
    D. Asymmetry

  • Question 66:

    Neil is a network administrator working in Istanbul. Neil wants to setup a protocol analyzer on his network that will receive a copy of every packet that passes through the main office switch. What type of port will Neil need to setup in order to accomplish this?

    A. Neil will have to configure a Bridged port that will copy all packets to the protocol analyzer.
    B. Neil will need to setup SPAN port that will copy all network traffic to the protocol analyzer.
    C. He will have to setup an Ether channel port to get a copy of all network traffic to the analyzer.
    D. He should setup a MODS port which will copy all network traffic.

  • Question 67:

    What is the tool Firewalk used for?

    A. To test the IDS for proper operation
    B. To test a firewall for proper operation
    C. To determine what rules are in place for a firewall
    D. To test the webserver configuration
    E. Firewalk is a firewall auto configuration tool

  • Question 68:

    Jeremy is web security consultant for Information Securitas. Jeremy has just been hired to perform contract work for a large state agency in Michigan. Jeremy's first task is to scan all the company's external websites. Jeremy comes upon a login page which appears to allow employees access to sensitive areas on the website. James types in the following statement in the username field:

    SELECT * from Users where username='admin' ?AND password='' AND email like '%@testers.com%'

    What will the SQL statement accomplish?

    A. If the page is susceptible to SQL injection, it will look in the Users table for usernames of admin
    B. This statement will look for users with the name of admin, blank passwords, and email addresses that end in @testers.com
    C. This Select SQL statement will log James in if there are any users with NULL passwords
    D. James will be able to see if there are any default user accounts in the SQL database

  • Question 69:

    In Trojan terminology, what is required to create the executable file chess.exe as shown below?

    A. Mixer
    B. Converter
    C. Wrapper
    D. Zipper

  • Question 70:

    Exhibit:

    The following is an entry captured by a network IDS.You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack. You also notice "/bin/sh" in the ASCII part of the output. As an analyst what would you conclude about the attack?

    A. The buffer overflow attack has been neutralized by the IDS
    B. The attacker is creating a directory on the compromised machine
    C. The attacker is attempting a buffer overflow attack and has succeeded
    D. The attacker is attempting an exploit that launches a command-line shell

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.