EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 07, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 821:

    Least privilege is a security concept that requires that a user is

    A. limited to those functions required to do the job.
    B. given root or administrative privileges.
    C. trusted to keep all data and access to that data under their sole control.
    D. given privileges equal to everyone else in the department.

  • Question 822:

    Derek has stumbled upon a wireless network and wants to assess its security. However, he does not find enough traffic for a good capture. He intends to use AirSnort on the captured traffic to crack the WEP key and does not know the IP address range or the AP. How can he generate traffic on the network so that he can capture enough packets to crack the WEP key?

    A. Use any ARP requests found in the capture
    B. Derek can use a session replay on the packets captured
    C. Derek can use KisMAC as it needs two USB devices to generate traffic
    D. Use Ettercap to discover the gateway and ICMP ping flood tool to generate traffic

  • Question 823:

    Exhibit:

    Study the following log extract and identify the attack.

    A. Hexcode Attack
    B. Cross Site Scripting
    C. Multiple Domain Traversal Attack
    D. Unicode Directory Traversal Attack

  • Question 824:

    You run nmap port Scan on 10.0.0.5 and attempt to gain banner/server information from services running on ports 21, 110 and 123. Here is the output of your scan results:

    Which of the following nmap command did you run?

    A. nmap -A -sV -p21, 110, 123 10.0.0.5
    B. nmap -F -sV -p21, 110, 123 10.0.0.5
    C. nmap -O -sV -p21, 110, 123 10.0.0.5
    D. nmap -T -sV -p21, 110, 123 10.0.0.5

  • Question 825:

    A security analyst in an insurance company is assigned to test a new web application that will be used by clients to help them choose and apply for an insurance plan. The analyst discovers that the application is developed in ASP scripting

    language and it uses MSSQL as a database backend. The analyst locates the application's search form and introduces the following code in the search input fielD.

    IMG SRC=vbscript:msgbox("Vulnerable");> originalAttribute="SRC" originalPath="vbscript:msgbox("Vulnerable");>"

    When the analyst submits the form, the browser returns a pop-up window that says "Vulnerable".

    Which web applications vulnerability did the analyst discover?

    A. Cross-site request forgery
    B. Command injection
    C. Cross-site scripting
    D. SQL injection

  • Question 826:

    What command would you type to OS fingerprint a server using the command line?

    A. Option A
    B. Option B
    C. Option C
    D. Option D

  • Question 827:

    Data is sent over the network as clear text (unencrypted) when Basic Authentication is configured on Web Servers.

    A. true
    B. false

  • Question 828:

    What framework architecture is shown in this exhibit?

    A. Core Impact
    B. Metasploit
    C. Immunity Canvas
    D. Nessus

  • Question 829:

    While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse?

    A. Packet filtering firewall
    B. Application-level firewall
    C. Circuit-level gateway firewall
    D. Stateful multilayer inspection firewall

  • Question 830:

    What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?(Choose all that apply.

    A. 110
    B. 135
    C. 139
    D. 161
    E. 445
    F. 1024

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.