EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 15, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 721:

    A zone file consists of which of the following Resource Records (RRs)?

    A. DNS, NS, AXFR, and MX records
    B. DNS, NS, PTR, and MX records
    C. SOA, NS, AXFR, and MX records
    D. SOA, NS, A, and MX records

  • Question 722:

    One of your junior administrator is concerned with Windows LM hashes and password cracking. In your discussion with them, which of the following are true statements that you would point out? Select the best answers.

    A. John the Ripper can be used to crack a variety of passwords, but one limitation is that the output doesn't show if the password is upper or lower case.
    B. BY using NTLMV1, you have implemented an effective countermeasure to password cracking.
    C. SYSKEY is an effective countermeasure.
    D. If a Windows LM password is 7 characters or less, the hash will be passed with the following characters, in HEX- 00112233445566778899.
    E. Enforcing Windows complex passwords is an effective countermeasure.

  • Question 723:

    In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive, although slow. It usually tries every possible letter and number combination in its automated exploration.

    If you would use both brute force and dictionary methods combined together to have variation of words, what would you call such an attack?

    A. Full Blown
    B. Thorough
    C. Hybrid
    D. BruteDics

  • Question 724:

    In the software security development life cyle process, threat modeling occurs in which phase?

    A. Design
    B. Requirements
    C. Verification
    D. Implementation

  • Question 725:

    A certified ethical hacker (CEH) completed a penetration test of the main headquarters of a company almost two months ago, but has yet to get paid. The customer is suffering from financial problems, and the CEH is worried that the company will go out of business and end up not paying. What actions should the CEH take?

    A. Threaten to publish the penetration test results if not paid.
    B. Follow proper legal procedures against the company to request payment.
    C. Tell other customers of the financial problems with payments from this company.
    D. Exploit some of the vulnerabilities found on the company webserver to deface it.

  • Question 726:

    When working with Windows systems, what is the RID of the true administrator account?

    A. 500
    B. 501
    C. 1000
    D. 1001
    E. 1024
    F. 512

  • Question 727:

    After gaining access to the password hashes used to protect access to a web based application, knowledge of which cryptographic algorithms would be useful to gain access to the application?

    A. SHA1
    B. Diffie-Helman
    C. RSA
    D. AES

  • Question 728:

    You are the security administrator for a large network. You want to prevent attackers from running any sort of traceroute into your DMZ and discovering the internal structure of publicly accessible areas of the network. How can you achieve this?

    A. There is no way to completely block tracerouting into this area
    B. Block UDP at the firewall
    C. Block TCP at the firewall
    D. Block ICMP at the firewall

  • Question 729:

    What are the three types of authentication?

    A. Something you: know, remember, prove
    B. Something you: have, know, are
    C. Something you: show, prove, are
    D. Something you: show, have, prove

  • Question 730:

    A rootkit is a collection of tools (programs) that enable administrator-level access to a computer. This program hides itself deep into an operating system for malicious activity and is extremely difficult to detect. The malicious software operates in a stealth fashion by hiding its files, processes and registry keys and may be used to create a hidden directory or folder designed to keep out of view from a user's operating system and security software.

    What privilege level does a rootkit require to infect successfully on a Victim's machine?

    A. User level privileges
    B. Ring 3 Privileges
    C. System level privileges
    D. Kernel level privileges

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.