EC-Council EC0-350 Exam Questions
Ethical Hacking and Countermeasures (Page 13)

Updated On: 17-Feb-2026

Bill is attempting a series of SQL queries in order to map out the tables within the database that he is trying to exploit.
Choose the attack type from the choices given below.

  1. Database Fingerprinting
  2. Database Enumeration
  3. SQL Fingerprinting
  4. SQL Enumeration

Answer(s): A

Explanation:

He is trying to create a view of the characteristics of the target database; he is taking its fingerprints.



John is a keen administrator, and has followed all of the best practices he could find on securing his Windows Server. He has renamed the Administrator account to a new name that he is sure cannot be easily guessed. However, there are people who already attempt to compromise his newly renamed administrator account.
How is it possible for a remote attacker to decipher the name of the administrator account if it has been renamed?

  1. The attacker used the user2sid program.
  2. The attacker used the sid2user program.
  3. The attacker used nmap with the -V switch.
  4. The attacker guessed the new name.

Answer(s): B

Explanation:

User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) of the local or a remote machine. Sid2user.exe can then be used to retrieve the names of all the user accounts and more. These utilities do not exploit a bug but call the functions LookupAccountName and LookupAccountSid, respectively. What is more, these can be called against a remote machine without providing logon credentials, save those needed for a null session connection.



Study the Snort rule given below:

From the options below, choose the exploit against which this rule applies.

  1. WebDav
  2. SQL Slammer
  3. MS Blaster
  4. MyDoom

Answer(s): C

Explanation:

MS Blaster scans the Internet for computers that are vulnerable to its attack. Once found, it tries to enter the system through port 135 to create a buffer overflow. TCP ports 139 and 445 may also provide attack vectors.



While performing a ping sweep of a subnet you receive an ICMP reply of Code 3/Type 13 for all the pings sent out.
What is the most likely cause behind this response?

  1. The firewall is dropping the packets.
  2. An in-line IDS is dropping the packets.
  3. A router is blocking ICMP.
  4. The host does not respond to ICMP packets.

Answer(s): C

Explanation:

Type 3 message = Destination Unreachable [RFC792], Code 13 (cause) = Communication Administratively Prohibited [RFC1812]



Who is an Ethical Hacker?

  1. A person who hacks for ethical reasons
  2. A person who hacks for an ethical cause
  3. A person who hacks for defensive purposes
  4. A person who hacks for offensive purposes

Answer(s): C

Explanation:

The ethical hacker is a security professional who applies his hacking skills for defensive purposes.





