Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

EC-Council EC0-350 Exam Questions
Ethical Hacking and Countermeasures (Page 23 )

Updated On: 17-Feb-2026
Page 23 of 153
PDF with 878 Questions

Bob has been hired to perform a penetration test on ABC.com. He begins by looking at IP address ranges owned by the company and details of domain name registration. He then goes to News Groups and financial web sites to see if they are leaking any sensitive information of have any technical details online.
Within the context of penetration testing methodology, what phase is Bob involved with?

  1. Passive information gathering
  2. Active information gathering
  3. Attack phase
  4. Vulnerability Mapping

Answer(s): A

Explanation:

He is gathering information and as long as he doesn’t make contact with any of the targets systems he is considered gathering this information in a passive mode.



Where should a security tester be looking for information that could be used by an attacker against an organization? (Select all that apply)

  1. CHAT rooms
  2. WHOIS database
  3. News groups
  4. Web sites
  5. Search engines
  6. Organization’s own web site

Answer(s): A,B,C,D,E,F

Explanation:

A Security tester should search for information everywhere that he/she can access. You never know where you find that small piece of information that could penetrate a strong defense.



You are footprinting an organization to gather competitive intelligence. You visit the company’s website for contact information and telephone numbers but do not find it listed there. You know that they had the entire staff directory listed on their website 12 months ago but not it is not there.
How would it be possible for you to retrieve information from the website that is outdated?

  1. Visit google’s search engine and view the cached copy.
  2. Visit Archive.org web site to retrieve the Internet archive of the company’s website.
  3. Crawl the entire website and store them into your computer.
  4. Visit the company’s partners and customers website for this information.

Answer(s): B

Explanation:

Archive.org mirrors websites and categorizes them by date and month depending on the crawl time. Archive.org dates back to 1996, Google is incorrect because the cache is only as recent as the latest crawl, the cache is over-written on each subsequent crawl. Download the website is incorrect because that's the same as what you see online. Visiting customer partners websites is just bogus. The answer is then Firmly, C, archive.org



Which is the right sequence of packets sent during the initial TCP three way handshake?

  1. FIN, FIN-ACK, ACK
  2. SYN, URG, ACK
  3. SYN, ACK, SYN-ACK
  4. SYN, SYN-ACK, ACK

Answer(s): D

Explanation:

A TCP connection always starts with a request for synchronization, a SYN, the reply to that would be another SYN together with a ACK to acknowledge that the last package was delivered successfully and the last part of the three way handshake should be only an ACK to acknowledge that the SYN reply was recived.



Jack Hacker wants to break into Brown Co.'s computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at Brown Co., pretending to be an administrator from Brown Co. Jack tells Jane that there has been a problem with some accounts and asks her to tell him her password 'just to double check our records'. Jane believes that Jack is really an administrator, and tells him her password. Jack now has a user name and password, and can access Brown Co.'s computers, to find the cookie recipe. This is an example of what kind of attack?

  1. Reverse Psychology
  2. Social Engineering
  3. Reverse Engineering
  4. Spoofing Identity
  5. Faking Identity

Answer(s): B

Explanation:

This is a typical case of pretexting. Pretexting is the act of creating and using an invented scenario (the pretext) to persuade a target to release information or perform an action and is usually done over the telephone.






Post your Comments and Discuss EC-Council EC0-350 exam dumps with other Community members:

Join the EC0-350 Discussion