EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 07, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 831:

    Which tool/utility can help you extract the application layer data from each TCP connection from a log file into separate files?

    A. Snort
    B. argus
    C. TCPflow
    D. Tcpdump

  • Question 832:

    Which type of password cracking technique works like dictionary attack but adds some numbers and symbols to the words from the dictionary and tries to crack the password?

    A. Dictionary attack
    B. Brute forcing attack
    C. Hybrid attack
    D. Syllable attack
    E. Rule-based attack

  • Question 833:

    Network Intrusion Detection systems can monitor traffic in real time on networks.

    Which one of the following techniques can be very effective at avoiding proper detection?

    A. Fragmentation of packets.
    B. Use of only TCP based protocols.
    C. Use of only UDP based protocols.
    D. Use of fragmented ICMP traffic only.

  • Question 834:

    At a Windows Server command prompt, which command could be used to list the running services?

    A. Sc query type= running
    B. Sc query \\servername
    C. Sc query
    D. Sc config

  • Question 835:

    An Attacker creates a zuckerjournals.com website by copying and mirroring HACKERJOURNALS.COM site to spread the news that Hollywood actor Jason Jenkins died in a car accident. The attacker then submits his fake site for indexing in major search engines. When users search for "Jason Jenkins", attacker's fake site shows up and dupes victims by the fake news.

    This is another great example that some people do not know what URL's are. Real website: Fake website: http://www.zuckerjournals.com

    The website is clearly not WWW.HACKERJOURNALS.COM. It is obvious for many, but unfortunately some people still do not know what an URL is. It's the address that you enter into the address bar at the top your browser and this is clearly not legit site, its www.zuckerjournals.com

    How would you verify if a website is authentic or not?

    A. Visit the site using secure HTTPS protocol and check the SSL certificate for authenticity
    B. Navigate to the site by visiting various blogs and forums for authentic links
    C. Enable Cache on your browser and lookout for error message warning on the screen
    D. Visit the site by clicking on a link from Google search engine

  • Question 836:

    This kind of attack will let you assume a users identity at a dynamically generated web page or site:

    A. SQL Injection
    B. Cross Site Scripting
    C. Session Hijacking
    D. Zone Transfer

  • Question 837:

    Which of the following is an advantage of utilizing security testing methodologies to conduct a security audit?

    A. They provide a repeatable framework.
    B. Anyone can run the command line scripts.
    C. They are available at low cost.
    D. They are subject to government regulation.

  • Question 838:

    The network administrator for a company is setting up a website with e-commerce capabilities. Packet sniffing is a concern because credit card information will be sent electronically over the Internet. Customers visiting the site will need to encrypt the data with HTTPS. Which type of certificate is used to encrypt and decrypt the data?

    A. Asymmetric
    B. Confidential
    C. Symmetric
    D. Non-confidential

  • Question 839:

    More sophisticated IDSs look for common shellcode signatures. But even these systems can be bypassed, by using polymorphic shellcode. This is a technique common among virus writers ?it basically hides the true nature of the shellcode in different disguises.

    How does a polymorphic shellcode work?

    A. They encrypt the shellcode by XORing values over the shellcode, using loader code to decrypt the shellcode, and then executing the decrypted shellcode
    B. They convert the shellcode into Unicode, using loader to convert back to machine code then executing them
    C. They reverse the working instructions into opposite order by masking the IDS signatures
    D. They compress shellcode into normal instructions, uncompress the shellcode using loader code and then executing the shellcode

  • Question 840:

    How can telnet be used to fingerprint a web server?

    A. telnet webserverAddress 80 HEAD / HTTP/1.0
    B. telnet webserverAddress 80 PUT / HTTP/1.0
    C. telnet webserverAddress 80 HEAD / HTTP/2.0
    D. telnet webserverAddress 80 PUT / HTTP/2.0

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.