EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 07, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 781:

    Which of the following items of a computer system will an anti-virus program scan for viruses?

    A. Boot Sector
    B. Deleted Files
    C. Windows Process List
    D. Password Protected Files

  • Question 782:

    Bubba has just accessed he preferred ecommerce web site and has spotted an item that he would like to buy. Bubba considers the price a bit too steep. He looks at the source code of the webpage and decides to save the page locally, so that he can modify the page variables. In the context of web application security, what do you think Bubba has changes?

    A. A hidden form field value.
    B. A hidden price value.
    C. An integer variable.
    D. A page cannot be changed locally, as it is served by a web server.

  • Question 783:

    Which of the following guidelines or standards is associated with the credit card industry?

    A. Control Objectives for Information and Related Technology (COBIT)
    B. Sarbanes-Oxley Act (SOX)
    C. Health Insurance Portability and Accountability Act (HIPAA)
    D. Payment Card Industry Data Security Standards (PCI DSS)

  • Question 784:

    Bob wants to prevent attackers from sniffing his passwords on the wired network. Which of the following lists the best options?

    A. RSA, LSA, POP
    B. SSID, WEP, Kerberos
    C. SMB, SMTP, Smart card
    D. Kerberos, Smart card, Stanford SRP

  • Question 785:

    Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?

    A. Covert keylogger
    B. Stealth keylogger
    C. Software keylogger
    D. Hardware keylogger

  • Question 786:

    You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with complex security system in place. Your peer, Peter Smith who works at the same department disagrees with you. He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of "weakest link" in the security chain. What is Peter Smith talking about?

    A. Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain
    B. "zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks
    C. "Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks
    D. Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

  • Question 787:

    Who is an Ethical Hacker?

    A. A person who hacks for ethical reasons
    B. A person who hacks for an ethical cause
    C. A person who hacks for defensive purposes
    D. A person who hacks for offensive purposes

  • Question 788:

    Which of the following tools would be the best choice for achieving compliance with PCI Requirement 11?

    A. Truecrypt
    B. Sub7
    C. Nessus
    D. Clamwin

  • Question 789:

    What is the expected result of the following exploit?

    A. Opens up a telnet listener that requires no username or password.
    B. Create a FTP server with write permissions enabled.
    C. Creates a share called "sasfile" on the target system.
    D. Creates an account with a user name of Anonymous and a password of [email protected].

  • Question 790:

    Dan is conducting penetration testing and has found a vulnerability in a Web Application which gave him the sessionID token via a cross site scripting vulnerability. Dan wants to replay this token. However, the session ID manager (on the server) checks the originating IP address as well. Dan decides to spoof his IP address in order to replay the sessionID. Why do you think Dan might not be able to get an interactive session?

    A. Dan cannot spoof his IP address over TCP network
    B. The scenario is incorrect as Dan can spoof his IP and get responses
    C. The server will send replies back to the spoofed IP address
    D. Dan can establish an interactive session only if he uses a NAT

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.