EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 07, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 811:

    Charlie is the network administrator for his company. Charlie just received a new Cisco router and wants to test its capabilities out and to see if it might be susceptible to a DoS attack resulting in its locking up. The IP address of the Cisco switch is 172.16.0.45. What command can Charlie use to attempt this task?

    A. Charlie can use the commanD. ping -l 56550 172.16.0.45 -t.
    B. Charlie can try using the commanD. ping 56550 172.16.0.45.
    C. By using the command ping 172.16.0.45 Charlie would be able to lockup the router
    D. He could use the commanD. ping -4 56550 172.16.0.45.

  • Question 812:

    Jimmy, an attacker, knows that he can take advantage of poorly designed input validation routines to create or alter SQL commands to gain access to private data or execute commands in the database. What technique does Jimmy use to compromise a database?

    A. Jimmy can submit user input that executes an operating system command to compromise a target system
    B. Jimmy can gain control of system to flood the target system with requests, preventing legitimate users from gaining access
    C. Jimmy can utilize an incorrect configuration that leads to access with higher-than expected privilege of the database
    D. Jimmy can utilize this particular database threat that is an SQL injection technique to penetrate a target system

  • Question 813:

    A hacker is attempting to use nslookup to query Domain Name Service (DNS). The hacker uses the nslookup interactive mode for the search. Which command should the hacker type into the command shell to request the appropriate records?

    A. Locate type=ns
    B. Request type=ns
    C. Set type=ns
    D. Transfer type=ns

  • Question 814:

    This packet was taken from a packet sniffer that monitors a Web server.

    This packet was originally 1514 bytes long, but only the first 512 bytes are shown here. This is the standard hexdump representation of a network packet, before being decoded. A hexdump has three columns: the offset of each line, the hexadecimal data, and the ASCII equivalent. This packet contains a 14-byte Ethernet header, a 20-byte IP header, a 20-byte TCP header, an HTTP header ending in two line-feeds (0D 0A 0D 0A) and then the data. By examining the packet identify the name and version of the Web server?

    A. Apache 1.2
    B. IIS 4.0
    C. IIS 5.0
    D. Linux WServer 2.3

  • Question 815:

    What is a sheepdip?

    A. It is another name for Honeynet
    B. It is a machine used to coordinate honeynets
    C. It is the process of checking physical media for virus before they are used in a computer
    D. None of the above

  • Question 816:

    TCP/IP Session Hijacking is carried out in which OSI layer?

    A. Datalink layer
    B. Transport layer
    C. Network layer
    D. Physical layer

  • Question 817:

    Joe Hacker is going wardriving. He is going to use PrismStumbler and wants it to go to a GPS mapping software application. What is the recommended and well-known GPS mapping package that would interface with PrismStumbler? Select the best answer.

    A. GPSDrive
    B. GPSMap
    C. WinPcap
    D. Microsoft Mappoint

  • Question 818:

    Pandora is used to attack __________ network operating systems.

    A. Windows
    B. UNIX
    C. Linux
    D. Netware
    E. MAC OS

  • Question 819:

    A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and 192.168.5.0. How can NMAP be used to scan these adjacent Class C networks?

    A. NMAP -P 192.168.1-5.
    B. NMAP -P 192.168.0.0/16
    C. NMAP -P 192.168.1.0, 2.0, 3.0, 4.0, 5.0
    D. NMAP -P 192.168.1/17

  • Question 820:

    While investigating a claim of a user downloading illegal material, the investigator goes through the files on the suspect's workstation. He comes across a file that is just called "file.txt" but when he opens it, he finds the following:

    What can he infer from this file?

    A. A picture that has been renamed with a .txt extension
    B. An encrypted file
    C. An encoded file
    D. A buffer overflow

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.