EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 07, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 841:

    Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company's entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here?

    A. Neil has used a tailgating social engineering attack to gain access to the offices
    B. He has used a piggybacking technique to gain unauthorized access
    C. This type of social engineering attack is called man trapping
    D. Neil is using the technique of reverse social engineering to gain access to the offices of Davidson Avionics

  • Question 842:

    Which of the following systems would not respond correctly to an nmap XMAS scan?

    A. Windows 2000 Server running IIS 5
    B. Any Solaris version running SAMBA Server
    C. Any version of IRIX
    D. RedHat Linux 8.0 running Apache Web Server

  • Question 843:

    XSS attacks occur on Web pages that do not perform appropriate bounds checking on data entered by users. Characters like < > that mark the beginning/end of a tag should be converted into HTML entities.

    What is the correct code when converted to html entities?

    A. Option A
    B. Option B
    C. Option C
    D. Option D

  • Question 844:

    Take a look at the following attack on a Web Server using obstructed URL:

    http://www.example.com/script.ext?template%2e%2e%2e%2e%2e%2f%2e%2f%65%74% 63%2f%70%61%73%73%77%64

    The request is made up of:

    %2e%2e%2f%2e%2e%2f%2e%2f% = ../../../

    %65%74%63 = etc

    %2f = /

    %70%61%73%73%77%64 = passwd

    How would you protect information systems from these attacks?

    A. Configure Web Server to deny requests involving Unicode characters.
    B. Create rules in IDS to alert on strange Unicode requests.
    C. Use SSL authentication on Web Servers.
    D. Enable Active Scripts Detection at the firewall and routers.

  • Question 845:

    Advanced encryption standard is an algorithm used for which of the following?

    A. Data integrity
    B. Key discovery
    C. Bulk data encryption
    D. Key recovery

  • Question 846:

    Clive has been hired to perform a Black-Box test by one of his clients.

    How much information will Clive obtain from the client before commencing his test?

    A. IP Range, OS, and patches installed.
    B. Only the IP address range.
    C. Nothing but corporate name.
    D. All that is available from the client site.

  • Question 847:

    Statistics from cert.org and other leading security organizations has clearly showed a steady rise in the number of hacking incidents perpetrated against companies. What do you think is the main reason behind the significant increase in hacking attempts over the past years?

    A. It is getting more challenging and harder to hack for non technical people.
    B. There is a phenomenal increase in processing power.
    C. New TCP/IP stack features are constantly being added.
    D. The ease with which hacker tools are available on the Internet.

  • Question 848:

    You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social engineering, you come to know that they are enforcing strong passwords. You understand that all users are required to use passwords that are at least 8 characters in length. All passwords must also use 3 of the 4 following categories: lower case letters, capital letters, numbers and special characters.

    With your existing knowledge of users, likely user account names and the possibility that they will choose the easiest passwords possible, what would be the fastest type of password cracking attack you can run against these hash values and still get results?

    A. Online Attack
    B. Dictionary Attack
    C. Brute Force Attack
    D. Hybrid Attack

  • Question 849:

    What hacking attack is challenge/response authentication used to prevent?

    A. Replay attacks
    B. Scanning attacks
    C. Session hijacking attacks
    D. Password cracking attacks

  • Question 850:

    Information gathered from social networking websites such as Facebook, Twitter and LinkedIn can be used to launch which of the following types of attacks? (Choose two.)

    A. Smurf attack
    B. Social engineering attack
    C. SQL injection attack
    D. Phishing attack
    E. Fraggle attack
    F. Distributed denial of service attack

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.