EC0-350 Exam Details

  • Exam Code
    :EC0-350
  • Exam Name
    :Ethical Hacking And Countermeasures (CEH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 07, 2026

EC-COUNCIL EC0-350 Online Questions & Answers

  • Question 871:

    ICMP ping and ping sweeps are used to check for active systems and to check

    A. if ICMP ping traverses a firewall.
    B. the route that the ICMP ping took.
    C. the location of the switchport in relation to the ICMP ping.
    D. the number of hops an ICMP ping takes to reach a destination.

  • Question 872:

    Peter extracts the SID list from Windows 2008 Server machine using the hacking tool "SIDExtracter". Here is the output of the SIDs:

    From the above list identify the user account with System Administrator privileges?

    A. John
    B. Rebecca
    C. Sheela
    D. Shawn
    E. Somia
    F. Chang
    G. Micah

  • Question 873:

    A circuit level gateway works at which of the following layers of the OSI Model?

    A. Layer 5 - Application
    B. Layer 4 ?TCP
    C. Layer 3 ?Internet protocol
    D. Layer 2 ?Data link

  • Question 874:

    Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been able to spawn an interactive shell and plans to deface the main web page. He first attempts to use the "Echo" command to simply overwrite index.html and remains unsuccessful. He then attempts to delete the page and achieves no progress. Finally, he tries to overwrite it with another page again in vain. What is the probable cause of Bill's problem?

    A. The system is a honeypot.
    B. There is a problem with the shell and he needs to run the attack again.
    C. You cannot use a buffer overflow to deface a web page.
    D. The HTML file has permissions of ready only.

  • Question 875:

    What is the advantage in encrypting the communication between the agent and the monitor in an Intrusion Detection System?

    A. Encryption of agent communications will conceal the presence of the agents
    B. The monitor will know if counterfeit messages are being generated because they will not be encrypted
    C. Alerts are sent to the monitor when a potential intrusion is detected
    D. An intruder could intercept and delete data or alerts and the intrusion can go undetected

  • Question 876:

    Buffer X in an Accounting application module for Brownies Inc. can contain 200 characters. The programmer makes an assumption that 200 characters are more than enough. Because there were no proper boundary checks being conducted, Bob decided to insert 400 characters into the 200-character buffer. (Overflows the buffer). Below is the code snippet:

    How can you protect/fix the problem of your application as shown above?

    A. Because the counter starts with 0, we would stop when the counter is less than 200
    B. Because the counter starts with 0, we would stop when the counter is more than 200
    C. Add a separate statement to signify that if we have written less than 200 characters to the buffer, the stack should stop because it cannot hold any more data
    D. Add a separate statement to signify that if we have written 200 characters to the buffer, the stack should stop because it cannot hold any more data

  • Question 877:

    Ron has configured his network to provide strong perimeter security. As part of his network architecture, he has included a host that is fully exposed to attack. The system is on the public side of the demilitarized zone, unprotected by a firewall or filtering router. What would you call such a host?

    A. Honeypot
    B. DMZ host
    C. DWZ host
    D. Bastion Host

  • Question 878:

    What is War Dialing?

    A. War dialing involves the use of a program in conjunction with a modem to penetrate the modem/PBX-based systems
    B. War dialing is a vulnerability scanning technique that penetrates Firewalls
    C. It is a social engineering technique that uses Phone calls to trick victims
    D. Involves IDS Scanning Fragments to bypass Internet filters and stateful Firewalls

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-350 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.