EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 15, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 731:

    Gerald, the Systems Administrator for Hyped Enterprises, has just discovered that his network has been breached by an outside attacker. After performing routine maintenance on his servers, he discovers numerous remote tools were installed that no one claims to have knowledge of in his department. Gerald logs onto the management console for his IDS and discovers an unknown IP address that scanned his network constantly for a week and was able to access his network through a high-level port that was not closed. Gerald traces the IP address he found in the IDS log to a proxy server in Brazil. Gerald calls the company that owns the proxy server and after searching through their logs, they trace the source to another proxy server in Switzerland. Gerald calls the company in Switzerland that owns the proxy server and after scanning through the logs again, they trace the source back to a proxy server in China. What proxy tool has Gerald's attacker used to cover their tracks?

    A. ISA proxy
    B. IAS proxy
    C. TOR proxy
    D. Cheops proxy

  • Question 732:

    Passive reconnaissance involves collecting information through which of the following?

    A. Social engineering
    B. Network traffic sniffing
    C. Man in the middle attacks
    D. Publicly accessible sources

  • Question 733:

    Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid detection by the network's IDS?

    A. Timing options to slow the speed that the port scan is conducted
    B. Fingerprinting to identify which operating systems are running on the network
    C. ICMP ping sweep to determine which hosts on the network are not available
    D. Traceroute to control the path of the packets sent during the scan

  • Question 734:

    Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network. Which of these tools would do the SNMP enumeration he is looking for? Select the best answers.

    A. SNMPUtil
    B. SNScan
    C. SNMPScan
    D. Solarwinds IP Network Browser
    E. NMap

  • Question 735:

    Blake is in charge of securing all 20 of his company's servers. He has enabled hardware and software firewalls, hardened the operating systems, and disabled all unnecessary services on all the servers. Unfortunately, there is proprietary AS400 emulation software that must run on one of the servers that requires the telnet service to function properly. Blake is especially concerned about this since telnet can be a very large security risk in an organization. Blake is concerned about how this particular server might look to an outside attacker so he decides to perform some footprinting, scanning, and penetration tests on the server. Blake telnets into the server using Port 80 and types in the following command:

    HEAD / HTTP/1.0

    After pressing enter twice, Blake gets the following results: What has Blake just accomplished?

    A. Downloaded a file to his local computer
    B. Submitted a remote command to crash the server
    C. Poisoned the local DNS cache of the server
    D. Grabbed the Operating System banner

  • Question 736:

    Fred is the network administrator for his company. Fred is testing an internal switch. From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this?

    A. Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.
    B. He can send an IP packet with the SYN bit and the source address of his computer.
    C. Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.
    D. Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.

  • Question 737:

    While testing web applications, you attempt to insert the following test script into the search area on the company's web site:

    Later, when you press the search button, a pop up box appears on your screen with the text "Testing Testing Testing". What vulnerability is detected in the web application here?

    A. Cross Site Scripting
    B. Password attacks
    C. A Buffer Overflow
    D. A hybrid attack

  • Question 738:

    What is the proper response for a FIN scan if the port is closed?

    A. SYN
    B. ACK
    C. FIN
    D. PSH
    E. RST

  • Question 739:

    How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?

    A. There is no way to tell because a hash cannot be reversed
    B. The right most portion of the hash is always the same
    C. The hash always starts with AB923D
    D. The left most portion of the hash is always the same
    E. A portion of the hash will be all 0's

  • Question 740:

    Low humidity in a data center can cause which of the following problems?

    A. Heat
    B. Corrosion
    C. Static electricity
    D. Airborne contamination

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.