EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 07, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 861:

    Which of the following Netcat commands would be used to perform a UDP scan of the lower 1024 ports?

    A. Netcat -h -U
    B. Netcat -hU
    C. Netcat -sU -p 1-1024
    D. Netcat -u -v -w2 1-1024
    E. Netcat -sS -O target/1024

  • Question 862:

    If you come across a sheepdip machaine at your client site, what would you infer?

    A. A sheepdip computer is used only for virus checking.
    B. A sheepdip computer is another name for honeypop.
    C. A sheepdip coordinates several honeypots.
    D. A sheepdip computer defers a denial of service attack.

  • Question 863:

    An attacker uses a communication channel within an operating system that is neither designed nor intended to transfer information. What is the name of the communications channel?

    A. Classified
    B. Overt
    C. Encrypted
    D. Covert

  • Question 864:

    When writing shellcodes, you must avoid ____________ because these will end the string.

    A. Root bytes
    B. Null bytes
    C. Char bytes
    D. Unicode bytes

  • Question 865:

    When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is

    A. OWASP is for web applications and OSSTMM does not include web applications.
    B. OSSTMM is gray box testing and OWASP is black box testing.
    C. OWASP addresses controls and OSSTMM does not.
    D. OSSTMM addresses controls and OWASP does not.

  • Question 866:

    What is the proper response for a NULL scan if the port is open?

    A. SYN
    B. ACK
    C. FIN
    D. PSH
    E. RST
    F. No response

  • Question 867:

    A company has hired a security administrator to maintain and administer Linux and Windows-based systems. Written in the nightly report file is the followinG. Firewall log files are at the expected value of 4 MB. The current time is 12am. Exactly two hours later the size has decreased considerably. Another hour goes by and the log files have shrunk in size again.

    Which of the following actions should the security administrator take?

    A. Log the event as suspicious activity and report this behavior to the incident response team immediately.
    B. Log the event as suspicious activity, call a manager, and report this as soon as possible.
    C. Run an anti-virus scan because it is likely the system is infected by malware.
    D. Log the event as suspicious activity, continue to investigate, and act according to the site's security policy.

  • Question 868:

    An attacker runs netcat tool to transfer a secret file between two hosts.

    Machine A: netcat -l -p 1234 < secretfile

    Machine B: netcat 192.168.3.4 > 1234

    He is worried about information being sniffed on the network. How would the attacker use netcat to encrypt the information before transmitting onto the wire?

    A. Machine A: netcat -l -p -s password 1234 < testfile Machine B: netcat 1234
    B. Machine A: netcat -l -e magickey -p 1234 < testfile Machine B: netcat 1234
    C. Machine A: netcat -l -p 1234 < testfile -pw password Machine B: netcat 1234 -pw password
    D. Use cryptcat instead of netcat

  • Question 869:

    What is the proper response for a NULL scan if the port is closed?

    A. SYN
    B. ACK
    C. FIN
    D. PSH
    E. RST
    F. No response

  • Question 870:

    What is the problem with this ASP script (login.asp)?

    A. The ASP script is vulnerable to Cross Site Scripting attack
    B. The ASP script is vulnerable to Session Splice attack
    C. The ASP script is vulnerable to XSS attack
    D. The ASP script is vulnerable to SQL Injection attack

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.