EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 15, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 771:

    Which of the following is an automated vulnerability assessment tool?

    A. Whack a Mole
    B. Nmap
    C. Nessus
    D. Kismet
    E. Jill32

  • Question 772:

    What is GINA?

    A. Gateway Interface Network Application
    B. GUI Installed Network Application CLASS
    C. Global Internet National Authority (G-USA)
    D. Graphical Identification and Authentication DLL

  • Question 773:

    Clive is conducting a pen-test and has just port scanned a system on the network. He has identified the operating system as Linux and been able to elicit responses from ports 23, 25 and 53. He infers port 23 as running Telnet service, port 25 as running SMTP service and port 53 as running DNS service. The client confirms these findings and attests to the current availability of the services. When he tries to telnet to port 23 or 25, he gets a blank screen in response. On typing other commands, he sees only blank spaces or underscores symbols on the screen. What are you most likely to infer from this?

    A. The services are protected by TCP wrappers
    B. There is a honeypot running on the scanned machine
    C. An attacker has replaced the services with trojaned ones
    D. This indicates that the telnet and SMTP server have crashed

  • Question 774:

    Exhibit:

    Given the following extract from the snort log on a honeypot, what service is being exploited? :

    A. FTP
    B. SSH
    C. Telnet
    D. SMTP

  • Question 775:

    A common technique for luring e-mail users into opening virus-launching attachments is to send messages that would appear to be relevant or important to many of their potential recipients. One way of accomplishing this feat is to make the virus-carrying messages appear to come from some type of business entity retailing sites, UPS, FEDEX, CITIBANK or a major provider of a common service.

    Here is a fraudulent e-mail claiming to be from FedEx regarding a package that could not be delivered. This mail asks the receiver to open an attachment in order to obtain the FEDEX tracking number for picking up the package. The attachment contained in this type of e-mail activates a virus.

    Vendors send e-mails like this to their customers advising them not to open any files attached with the mail, as they do not include attachments.

    Fraudulent e-mail and legit e-mail that arrives in your inbox contain the fedex.com as the sender of the mail.

    How do you ensure if the e-mail is authentic and sent from fedex.com?

    A. Verify the digital signature attached with the mail, the fake mail will not have Digital ID at all
    B. Check the Sender ID against the National Spam Database (NSD)
    C. Fake mail will have spelling/grammatical errors
    D. Fake mail uses extensive images, animation and flash content

  • Question 776:

    Which security control role does encryption meet?

    A. Preventative
    B. Detective
    C. Offensive
    D. Defensive

  • Question 777:

    One of your team members has asked you to analyze the following SOA record. What is the TTL?

    Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.

    A. 200303028
    B. 3600
    C. 604800
    D. 2400
    E. 60
    F. 4800

  • Question 778:

    Which type of security document is written with specific step-by-step details?

    A. Process
    B. Procedure
    C. Policy
    D. Paradigm

  • Question 779:

    Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain. What do you think Tess King is trying to accomplish? Select the best answer.

    A. A zone harvesting
    B. A zone transfer
    C. A zone update
    D. A zone estimate

  • Question 780:

    LM authentication is not as strong as Windows NT authentication so you may want to disable its use, because an attacker eavesdropping on network traffic will attack the weaker protocol. A successful attack can compromise the user's password. How do you disable LM authentication in Windows XP?

    A. Stop the LM service in Windows XP
    B. Disable LSASS service in Windows XP
    C. Disable LM authentication in the registry
    D. Download and install LMSHUT.EXE tool from Microsoft website

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.