Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
EC1-349 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Dumpsleader ECCouncil EC1-349 Dumps with VCE and PDF 41-50

September 23, 2017

EnsurePass
2017 Sep ECCouncil Official New Released EC1-349
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/EC1-349.html

ECCouncil Computer Hacking Forensic Investigator

Question No: 41 – (Topic 1)

Harold is a computer forensics investigator working for a consulting firm out of Atlanta Georgia. Harold is called upon to help with a corporate espionage case in Miami Florida. Harold assists in the investigation by pulling all the data from the computers allegedly used in the illegal activities. He finds that two suspects in the company where stealing sensitive corporate information and selling it to competing companies. From the email and instant messenger logs recovered, Harold has discovered that the two employees notified the buyers by writing symbols on the back of specific stop signs. This way, the buyers knew when and where to meet with the alleged suspects to buy the stolen material. What type of steganography did these two suspects use?

  1. Text semagram

  2. Visual semagram

  3. Grill cipher

  4. Visual cipher

Answer: B

Question No: 42 – (Topic 1)

What is the slave device connected to the secondary IDE controller on a Linux OS referred to?

  1. hda

  2. hdd

  3. hdb

  4. hdc

Answer: B

Question No: 43 – (Topic 1)

You are called in to assist the police in an investigation involving a suspected drug dealer. The police searched the suspect house after aYou are called in to assist the police in an investigation involving a suspected drug dealer. The police searched the suspect? house after a warrant was obtained and they located a floppy disk in the suspect bedroom. The disk contains several files, but they appear to be passwordwarrant was obtained and they located a floppy disk in the suspect? bedroom. The disk contains several files, but they appear to be password protected. What are two common methods used by password cracking software that you could use to obtain the password?

  1. Limited force and library attack

  2. Brute force and dictionary attack

  3. Maximum force and thesaurus attack

  4. Minimum force and appendix attack

Answer: B

Question No: 44 – (Topic 1)

During an investigation, an employee was found to have deleted harassing emails that were sent to someone else. The company was using Microsoft Exchange and had message tracking enabled. Where could the investigator search to find the message tracking log file on the Exchange server?

  1. C:\Program Files\Exchsrvr\servername.log

  2. D:\Exchsrvr\Message Tracking\servername.log

  3. C:\Exchsrvr\Message Tracking\servername.log

  4. C:\Program Files\Microsoft Exchange\srvr\servername.log

Answer: A

Question No: 45 – (Topic 1)

Paul is a computer forensics investigator working for Tyler amp; Company Consultants. Paul

has been called upon to help investigate a computer hacking ring broken up by the local police. Paul begins to inventory the PCs found in the hackers?hideout. Paul then comes across a PDA left by them that is attached to a number of different peripheral devices.

What is the first step that Paul must take with the PDA to ensure the integrity of the investigation?

  1. Place PDA, including all devices, in an antistatic bag

  2. Unplug all connected devices

  3. Power off all devices if currently on

  4. Photograph and document the peripheral devices

Answer: D

Question No: 46 – (Topic 1)

What file is processed at the end of a Windows XP boot to initialize the logon dialog box?

  1. NTOSKRNL.EXE

  2. NTLDR

  3. LSASS.EXE

  4. NTDETECT.COM

Answer: C

Question No: 47 – (Topic 1)

When examining a file with a Hex Editor, what space does the file header occupy?

  1. The first several bytes of the file

  2. One byte at the beginning of the file

  3. None, file headers are contained in the FAT

  4. The last several bytes of the file

Answer: A

Question No: 48 – (Topic 1)

What does the acronym POST mean as it relates to a PC?

  1. Power On Self Test

  2. Pre Operational Situation Test

  3. Primary Operating System Test

  4. Primary Operations Short Test

Answer: A

Question No: 49 – (Topic 1)

What is the CIDR from the following screenshot?

Ensurepass 2017 PDF and VCE

A. /24A./24A./24

B. /32 B./32 B./32 C. /16 C./16 C./16 D. /8D./8D./8

Answer: D

Question No: 50 – (Topic 1)

Paraben Lockdown device uses which operating system to write hard drive data?Paraben? Lockdown device uses which operating system to write hard drive data?

  1. Mac OS

  2. Red Hat

  3. Unix

  4. Windows

Answer: D

100% Free Download!
Download Free Demo:EC1-349 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass EC1-349 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE