Valid EC0-349 Dumps shared by ExamDiscuss.com for Helping Passing EC0-349 Exam! ExamDiscuss.com now offer the newest EC0-349 exam dumps, the ExamDiscuss.com EC0-349 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com EC0-349 dumps with Test Engine here:

Access EC0-349 Dumps Premium Version
(490 Q&As Dumps, 35%OFF Special Discount Code: freecram)

Online Access Free EC0-349 Exam Questions

Exam Code:EC0-349
Exam Name:Computer Hacking Forensic Investigator
Certification Provider:EC-COUNCIL
Free Question Number:222
Version:v2025-03-20
Rating:
# of views:161
# of Questions views:7648
Go To EC0-349 Questions

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Other Version
2117 viewsEC-COUNCIL.EC0-349.v2018-03-15.q294
Exam Question List
Question 1: Data Acquisition is the process of imaging or otherwise obta...
Question 2: Lance wants to place a honeypot on his network. Which of the...
Question 3: Which of the following commands shows you the NetBIOS name t...
Question 4: Windows Security Accounts Manager (SAM) is a registry file w...
Question 5: Cylie is investigating a network breach at a state organizat...
Question 6: Why is it still possible to recover files that have been emp...
Question 7: First responder is a person who arrives first at the crime s...
Question 8: If you see the files Zer0.tar.gz and copy.tar.gz on a Linux ...
Question 9: Wireless network discovery tools use two different methodolo...
Question 10: In an echo data hiding technique, the secret message is embe...
Question 11: What does the superblock in Linux define?...
Question 12: While searching through a computer under investigation, you ...
Question 13: Physical security recommendations: There should be only one ...
Question 14: In what way do the procedures for dealing with evidence in a...
Question 15: You are working as a computer forensics investigator for a c...
Question 16: Profiling is a forensics technique for analyzing evidence wi...
Question 17: What is the First Step required in preparing a computer for ...
Question 18: You have compromised a lower-level administrator account on ...
Question 19: What is a bit-stream copy?
Question 20: Area density refers to:
Question 21: The rule of thumb when shutting down a system is to pull the...
Question 22: George is the network administrator of a large Internet comp...
Question 23: What must be obtained before an investigation is carried out...
Question 24: Click on the Exhibit Button Paulette works for an IT securit...
Question 25: File deletion is a way of removing a file from a computer's ...
Question 26: You have used a newly released forensic investigation tool, ...
Question 27: Steganography is a technique of hiding a secret message with...
Question 28: Jim performed a vulnerability analysis on his network and fo...
Question 29: When should an MD5 hash check be performed when processing e...
Question 30: Which device in a wireless local area network (WLAN) determi...
Question 31: Consistency in the investigative report is more important th...
Question 32: When performing a forensics analysis, what device is used to...
Question 33: Office documents (Word, Excel, PowerPoint) contain a code th...
Question 34: Email archiving is a systematic approach to save and protect...
Question 35: You are working as an independent computer forensics investi...
Question 36: Hard disk data addressing is a method of allotting addresses...
Question 37: This is the original file structure database that Microsoft ...
Question 38: The need for computer forensics is highlighted by an exponen...
Question 39: You are a computer forensics investigator working with local...
Question 40: Printing under a Windows Computer normally requires which on...
Question 41: In a virtual test environment, Michael is testing the streng...
Question 42: What file is processed at the end of a Windows XP boot to in...
Question 43: Computer security logs contain information about the events ...
Question 44: What is the smallest physical storage unit on a hard drive?...
Question 45: At what layer of the OSI model do routers function on?...
Question 46: Davidson Trucking is a small transportation company that has...
Question 47: You are assisting a Department of Defense contract company t...
Question 48: First response to an incident may involve three different gr...
Question 49: At the time of evidence transfer, both sender and receiver n...
Question 50: What is considered a grant of a property right given to an i...
Question 51: Ron. a computer forensics expert, Is Investigating a case in...
Question 52: Which of the following is not an example of a cyber-crime?...
Question 53: Tyler is setting up a wireless network for his business that...
Question 54: In the following directory listing, (Exhibit) which file sho...
Question 55: Which of the following passwords are sent over the wire (and...
Question 56: When a router receives an update for its routing table, what...
Question 57: SMTP (Simple Mail Transfer protocol) receives outgoing mail ...
Question 58: A system with a simple logging mechanism has not been given ...
Question 59: Attackers can manipulate variables that reference files with...
Question 60: Which one of the following is not a consideration in a foren...
Question 61: Which of the following password cracking techniques works li...
Question 62: You are the security analyst working for a private company o...
Question 63: When investigating a network that uses DHCP to assign IP add...
Question 64: You just passed your ECSA exam and are about to start your f...
Question 65: Daryl, a computer forensics investigator, has just arrived a...
Question 66: If the partition size Is 4 GB, each cluster will be 32 K. Ev...
Question 67: An employee is attempting to wipe out data stored on a coupl...
Question 68: The Recycle Bin exists as a metaphor for throwing files away...
Question 69: On an Active Directory network using NTLM authentication, wh...
Question 70: When you carve an image, recovering the image depends on whi...
Question 71: You have been called in to help with an investigation of an ...
Question 72: When examining a hard disk without a write-blocker, you shou...
Question 73: Data acquisition system is a combination of tools or process...
Question 74: Paul's company is in the process of undergoing a complete se...
Question 75: Jacob is a computer forensics investigator with over 10 year...
Question 76: What hashing method is used to password protect Blackberry d...
Question 77: Which of the following statement is not correct when dealing...
Question 78: To preserve digital evidence, an investigator should _______...
Question 79: When carrying out a forensics investigation, why should you ...
Question 80: If you come across a sheepdip machine at your client site, w...
Question 81: You are working as an investigator for a corporation and you...
Question 82: You are called by an author who is writing a book and he wan...
Question 83: When NTFS Is formatted, the format program assigns the _____...
Question 84: Syslog is a client/server protocol standard for forwarding l...
Question 85: The following excerpt is taken from a honeypot log. The log ...
Question 86: Diskcopy is:
Question 87: When investigating a wireless attack, what information can b...
Question 88: A rogue/unauthorized access point is one that Is not authori...
Question 89: You should always work with original evidence...
Question 90: You setup SNMP in multiple offices of your company. Your SNM...
Question 91: Which of the following approaches checks and compares all th...
Question 92: You are running known exploits against your network to test ...
Question 93: John and Hillary works at the same department in the company...
Question 94: Which of the following reports are delivered under oath to a...
Question 95: What is the "Best Evidence Rule"?...
Question 96: You are a security analyst performing reconnaissance on a co...
Question 97: The newer Macintosh Operating System (MacOS X) is based on:...
Question 98: A picture file is recovered from a computer under investigat...
Question 99: You should make at least how many bit-stream copies of a sus...
Question 100: You are working for a local police department that services ...
Question 101: Data is striped at a byte level across multiple drives and p...
Question 102: Why would you need to find out the gateway of a device when ...
Question 103: You are assigned to work in the computer forensics lab of a ...
Question 104: After passively scanning the network of Department of Defens...
Question 105: Networks are vulnerable to an attack which occurs due to ove...
Question 106: While working for a prosecutor, What do you think you should...
Question 107: You are a security analyst performing a penetration tests fo...
Question 108: Which is a standard procedure to perform during all computer...
Question 109: Harold is a web designer who has completed a website for ght...
Question 110: Which of the following is NOT a graphics file?...
Question 111: What is the first step taken in an investigation for laborat...
Question 112: To calculate the number of bytes on a disk, the formula is: ...
Question 113: When obtaining a warrant it is important to:...
Question 114: When monitoring for both intrusion and security events betwe...
Question 115: Why should you never power on a computer that you need to ac...
Question 116: Why is it Important to consider health and safety factors in...
Question 117: The use of warning banners helps a company avoid litigation ...
Question 118: An "idle" system is also referred to as what?...
Question 119: After attending a CEH security seminar, you make a list of c...
Question 120: When you are running a vulnerability scan on a network and t...
Question 121: Which of the following statements is incorrect related to ac...
Question 122: Who is responsible for the following tasks? - Secure the sce...
Question 123: What will the following Linux command accomplish? dd if=/dev...
Question 124: You are assisting in the investigation of a possible Web Ser...
Question 125: The ____________________ refers to handing over the results ...
Question 126: When investigating a Windows System, it is important to view...
Question 127: You work as an IT security auditor hired by a law firm in Bo...
Question 128: A state department site was recently attacked and all the se...
Question 129: A steganographic file system is a method to store the files ...
Question 130: What must an investigator do before disconnecting an iPod fr...
Question 131: An Internet standard protocol (built on top of TCP/IP) that ...
Question 132: What file structure database would you expect to find on flo...
Question 133: What operating system would respond to the following command...
Question 134: How do you define Technical Steganography?...
Question 135: What is the first step that needs to be carried out to crack...
Question 136: John is working as a computer forensics investigator for a c...
Question 137: Michael works for Kimball Construction Company as senior sec...
Question 138: Smith, an employee of a reputed forensic Investigation firm,...
Question 139: A forensics investigator needs to copy data from a computer ...
Question 140: Which of the following is not correct when documenting an el...
Question 141: What is the smallest allocation unit of a hard disk?...
Question 142: If an attacker's computer sends an IPID of 31400 to a zombie...
Question 143: The Recycle Bin is located on the Windows desktop. When you ...
Question 144: Attacker uses vulnerabilities in the authentication or sessi...
Question 145: If you plan to startup a suspect's computer, you must modify...
Question 146: How many possible sequence number combinations are there in ...
Question 147: Paul is a computer forensics investigator working for Tyler ...
Question 148: In conducting a computer abuse investigation you become awar...
Question 149: An attack vector is a path or means by which an attacker can...
Question 150: Billy, a computer forensics expert, has recovered a large nu...
Question 151: An image is an artifact that reproduces the likeness of some...
Question 152: How do you define forensic computing?...
Question 153: The following excerpt is taken from a honeypot log that was ...
Question 154: Under confession, an accused criminal admitted to encrypting...
Question 155: What document does the screenshot represent? (Exhibit)...
Question 156: In Linux, what is the smallest possible shellcode?...
Question 157: Harold is a security analyst who has just run the rdisk /s c...
Question 158: Raw data acquisition format creates ____________of a data se...
Question 159: Using Internet logging software to investigate a case of mal...
Question 160: During an investigation, an employee was found to have delet...
Question 161: Melanie was newly assigned to an investigation and asked to ...
Question 162: In General, __________________ Involves the investigation of...
Question 163: Heather, a computer forensics investigator, is assisting a g...
Question 164: Why would a company issue a dongle with the software they se...
Question 165: A mobile operating system manages communication between the ...
Question 166: When marking evidence that has been collected with the aa/dd...
Question 167: Microsoft Outlook maintains email messages in a proprietary ...
Question 168: Computer security logs contain information about the events ...
Question 169: To make sure the evidence you recover and analyze with compu...
Question 170: What layer of the OSI model do TCP and UDP utilize?...
Question 171: Which root folder (hive) of registry editor contains a vast ...
Question 172: Which Is a Linux journaling file system?...
Question 173: Which of the following Steganography techniques allows you t...
Question 174: What is the following command trying to accomplish? C:\> ...
Question 175: The objective of this act was to protect consumers personal ...
Question 176: You have completed a forensic investigation case. You would ...
Question 177: Which of the following filesystem is used by Mac OS X?...
Question 178: Which response organization tracks hoaxes as well as viruses...
Question 179: Which of the following Steganography techniques allows you t...
Question 180: You are running through a series of tests on your network to...
Question 181: James is testing the ability of his routers to withstand DoS...
Question 182: What encryption technology is used on Blackberry devices?Pas...
Question 183: From the following spam mail header, identify the host IP th...
Question 184: George was recently fired from his job as an IT analyst at P...
Question 185: When operating systems mark a cluster as used but not alloca...
Question 186: Which of the following attacks allows an attacker to access ...
Question 187: Which table is used to convert huge word lists (i .e. dictio...
Question 188: John is using Firewalk to test the security of his Cisco PIX...
Question 189: Why is it a good idea to perform a penetration test from the...
Question 190: Travis, a computer forensics investigator, is finishing up a...
Question 191: Which legal document allows law enforcement to search an off...
Question 192: When collecting electronic evidence at the crime scene, the ...
Question 193: When using Windows acquisitions tools to acquire digital evi...
Question 194: When examining the log files from a Windows IIS Web Server, ...
Question 195: Deposition enables opposing counsel to preview an expert wit...
Question 196: You have been asked to investigate after a user has reported...
Question 197: Steven has been given the task of designing a computer foren...
Question 198: What information do you need to recover when searching a vic...
Question 199: Dumpster Diving refers to:
Question 200: What is the name of the standard Linux command that can be u...
Question 201: JPEG is a commonly used method of compressing photographic I...
Question 202: The evolution of web services and their increasing use in bu...
Question 203: What type of attack sends SYN requests to a target system wi...
Question 204: An on-site incident response team is called to investigate a...
Question 205: Meyer Electronics Systems just recently had a number of lapt...
Question 206: What will the following command accomplish? C:\> nmap -v ...
Question 207: John is working on his company policies and guidelines. The ...
Question 208: How many bits is Source Port Number in TCP Header packet?...
Question 209: Microsoft Security IDs are available in Windows Registry Edi...
Question 210: Jason, a renowned forensic investigator, is investigating a ...
Question 211: Ever-changing advancement or mobile devices increases the co...
Question 212: When setting up a wireless network with multiple access poin...
Question 213: Which of the following email headers specifies an address fo...
Question 214: George is a senior security analyst working for a state agen...
Question 215: The status of the network interface cards (NICs) connected t...
Question 216: What is the CIDR from the following screenshot? (Exhibit)...
Question 217: Chris has been called upon to investigate a hacking incident...
Question 218: Your company uses Cisco routers exclusively throughout the n...
Question 219: You are carrying out the last round of testing for your new ...
Question 220: Injection flaws are web application vulnerabilities that all...
Question 221: TCP/IP (Transmission Control Protocol/Internet Protocol) is ...
Question 222: Where is the default location for Apache access logs on a Li...