[Free] 2017(Sep) EnsurePass Dumpsleader ECCouncil EC1-349 Dumps with VCE and PDF 21-30

September 23, 2017

ECCouncil Computer Hacking Forensic Investigator

Question No: 21 – (Topic 1)

To check for POP3 traffic using Ethereal, what port should an investigator search by?

A. 143

B. 25

C. 110

D. 125

Answer: C

Question No: 22 – (Topic 1)

What feature of Decryption Collection allows an investigator to crack a password as quickly as possible?

A. Cracks every password in 10 minutes

B. Distribute processing over 16 or fewer computers

C. Support for Encrypted File System

D. Support for MD5 hash verification

Answer: B

Question No: 23 – (Topic 1)

Daryl, a computer forensics investigator, has just arrived at the house of an alleged computer hacker. Daryl takes pictures and tags all computer and peripheral equipment found in the house. Daryl packs all the items found in his van and takes them back to his lab for further examination. At his lab, Michael, his assistant, helps him with the investigation. Since Michael is still in training, Daryl supervises all of his work very carefully. Michael is not quite sure about the procedures to copy all the data off the computer and peripheral devices. How many data acquisition tools should Michael use when creating copies of the evidence for the investigation?

A. Two

B. One

C. Three

D. Four

Answer: A

Question No: 24 – (Topic 1)

George was recently fired from his job as an IT analyst at Pitts and Company in Dallas, Texas. His main duties as an analyst were to support the company's Active Directory structure and to create network policies. George now wants to break into the company's network by cracking some of the service accounts he knows about. Which password cracking technique should George use in this situation?

A. Brute force attack

B. Syllable attack

C. Rule-based attack

D. Dictionary attack

Answer: C

Question No: 25 – (Topic 1)

An investigator is searching through the firewall logs of a company and notices ICMP packets that are larger than 65,536 bytes. What type of activity is the investigator seeing?

A. Smurf

B. Ping of death

C. Fraggle

D. Nmap scan

Answer: B

Question No: 26 – (Topic 1)

Why should you never power on a computer that you need to acquire digital evidence from?

A. When the computer boots up, files are written to the computer rendering the data "unclean"

B. When the computer boots up, the system cache is cleared which could destroy evidence

C. When the computer boots up, data in the memory's buffer is cleared which could destroy evidence

D. Powering on a computer has no effect when needing to acquire digital evidence from it

Answer: A

Question No: 27 – (Topic 1)

When marking evidence that has been collected with the "aa/ddmmyy/nnnn/zz" format, what does the "nnn" denote?

A. The year the evidence was taken

B. The sequence number for the parts of the same exhibit

C. The initials of the forensics analyst

D. The sequential number of the exhibits seized

Answer: D

Question No: 28 – (Topic 1)

To preserve digital evidence, an investigator should

A. Make two copies of each evidence item using a single imaging tool

B. Make a single copy of each evidence item using an approved imaging tool

C. Make two copies of each evidence item using different imaging tools

D. Only store the original evidence item

Answer: C

Question No: 29 – (Topic 1)

When searching through file headers for picture file formats, what should be searched to find a JPEG file in hexadecimal format?

A. FF D8 FF E0 00 10

B. FF FF FF FF FF FF

C. FF 00 FF 00 FF 00

D. EF 00 EF 00 EF 00

Answer: A

Question No: 30 – (Topic 1)

What type of file is represented by a colon (:) with a name following it in the Master File Table (MFT) of an NTFS disk?

A. Compressed file

B. Data stream file

C. Encrypted file

D. Reserved file

Answer: B
