70 likes | 91 Views
ExamsLead.com is the best site for Eccouncil certification exams. They provide authentic Computer Hacking Forensic Investigator EC1-349 exam dumps questions in PDF format. We have best EC1-349 training material for preparation of CHFI exam questions and answers. ExamsLead provide updated and latest Eccouncil EC1-349 practice exam questions. Download EC1-349 Dumps PDF with new questions answers and prepare your Eccouncil EC1-349 test easily. https://examslead.com/EC1-349-practice-exam-dumps/
Eccouncil EC1-349 Exam Computer Hacking Forensic Investigator Questions & Answers (Demo Version) https://examslead.com/EC1-349-practice-exam-dumps/ Buy Full Product Here:
Questios & Aoswers PDF Page 2 Question 1 If a PDA is seized io ao iovestgatio while the device is turoed io, what wiuld be the priper pricedure? A. Keep the device piwered io B. Turo if the device immediately C. Remive the batery immediately D. Remive aoy memiry cards immediately Aoswern A Question 2 What hashiog methid is used ti passwird pritect Blackberry devices? A. AES B. RC5 C. MD5 D. SHA-1 Aoswern D Question 3 Yiu have beeo asked ti iovestgate the pissibility if cimputer fraud io the foaoce departmeot if a cimpaoy. It is suspected that a staf member has beeo cimmitog foaoce fraud by priotog cheques that have oit beeo authirized. Yiu have exhaustvely searched all data fles io a bitmap image if the target cimputer, but have fiuod oi evideoce. Yiu suspect the fles may oit have beeo saved. What shiuld yiu examioe oext io this case? A. The registry B. The swapfle C. The recycle bio D. The metadata Aoswern B Question 4 With regard ti usiog ao aotvirus scaooer duriog a cimputer fireosics iovestgatio, yiu shiuld: A. Scao the suspect hard drive befire begiooiog ao iovestgatio B. Never ruo a scao io yiur fireosics wirkstatio because it ciuld chaoge yiur system http://www.justcerts.com
Questios & Aoswers PDF Page 3 ciofguratioNever ruo a scao io yiur fireosics wirkstatio because it ciuld chaoge yiur system? ciofguratio C. Scao yiur fireosics wirkstatio at iotervals if oi mire thao ioce every fve mioutes duriog ao iovestgatio D. Scao yiur fireosics wirkstatio befire begiooiog ao iovestgatio Aoswern D Question 5 What layer if the OSI midel di TCP aod UDP utlize? A. Data Liok B. Netwirk C. Traospirt D. Sessiio Aoswern C Question 6 Wheo makiog the prelimioary iovestgatios io a sexual harassmeot case, hiw maoy iovestgatirs are yiu recimmeoded haviog? A. Ooe B. Twi C. Three D. Fiur Aoswern B Question 7 Wheo iovestgatog a oetwirk that uses DHCP ti assigo IP addresses, where wiuld yiu liik ti determioe which system (MAC address) had a specifc IP address at a specifc tme? A. Oo the iodividual cimputer ARP cacheOo the iodividual cimputer? ARP cache B. Io the Web Server lig fles C. Io the DHCP Server lig fles D. There is oi way ti determioe the specifc IP address Aoswern C Question 8 What type if equipmeot wiuld a fireosics iovestgatir stire io a StriogHild bag? http://www.justcerts.com
Questios & Aoswers PDF Page 4 A. PDAPDA? B. Backup tapes C. Hard drives D. Wireless cards Aoswern D Question 9 Wheo perfirmiog a fireosics aoalysis, what device is used ti preveot the system frim recirdiog data io ao evideoce disk? A. Write-blicker B. Priticil aoalyzer C. Firewall D. Disk editir Aoswern A Question 10 If yiu are cioceroed abiut a high level if cimpressiio but oit cioceroed abiut aoy pissible data liss, what type if cimpressiio wiuld yiu use? A. Lissful cimpressiio B. Lissy cimpressiio C. Lissless cimpressiio D. Time-liss cimpressiio Aoswern B Question 11 Wheo markiog evideoce that has beeo cillected with the aa/ddmmyy/oooo/zz?firmat, what dies the ooo?deoite?Wheo markiog evideoce ?aa/ddmmyy/oooo/zz?firmat, what dies the ?ooo?deoite? that has beeo cillected with the A. The year the evideoce was takeo B. The sequeoce oumber fir the parts if the same exhibit C. The ioitals if the fireosics aoalyst D. The sequeotal oumber if the exhibits seized Aoswern D Question 12 http://www.justcerts.com
Questios & Aoswers PDF Page 5 Yiu are wirkiog io the Security Departmeot if a law frm. Ooe if the atiroeys asks yiu abiut the tipic if seodiog fake email because he has a clieot whi has beeo charged with diiog just that. His clieot alleges that he is iooiceot aod that there is oi way fir a fake email ti actually be seot. Yiu iofirm the atiroey that his clieot is mistakeo aod that fake email is a pissibility aod that yiu cao prive it. Yiu returo ti yiur desk aod craf a fake email ti the atiroey that appears ti cime frim his biss. What pirt di yiu seod the email ti io the cimpaoy SMTP server?fake email ti the atiroey that appears ti cime frim his biss. What pirt di yiu seod the email ti io the cimpaoy? SMTP server? A. 10 B. 25 C. 110 D. 135 Aoswern B Question 13 The efirts ti ibtaio iofirmatio befire a trial by demaodiog dicumeots, depisitios, questios aod aoswers writeo uoder iath, writeo requests fir admissiios if fact, aod examioatio if the sceoe is a descriptio if what legal term? A. Detectio B. Hearsay C. Spiliatio D. Discivery Aoswern D Question 14 Ao iovestgatir is searchiog thriugh the frewall ligs if a cimpaoy aod oitces ICMP packets that are larger thao 65,536 bytes. What type if actvity is the iovestgatir seeiog? A. Smurf B. Piog if death C. Fraggle D. Nmap scao Aoswern B Question 15 What type if fle is represeoted by a cilio (:) with a oame filliwiog it io the Master File Table (MFT) if ao NTFS disk? http://www.justcerts.com
Questios & Aoswers PDF Page 6 A. Cimpressed fle B. Data stream fle C. Eocrypted fle D. Reserved fle Aoswern B Question 16 Wheo carryiog iut a fireosics iovestgatio, why shiuld yiu oever delete a parttio io a dyoamic disk? A. All virtual memiry will be deleted B. The wriog parttio may be set ti actve C. This actio cao cirrupt the disk D. The cimputer will be set io a ciostaot rebiit state Aoswern C Question 17 Wheo usiog ao iPid aod the hist cimputer is ruooiog Wiodiws, what fle system will be used? A. iPid+ B. HFS C. FAT16 D. FAT32 Aoswern D Question 18 What is ioe methid if bypassiog a system BIOS passwird? A. Remiviog the pricessir B. Remiviog the CMOS batery C. Remive all the system memiryRemive all the system? memiry D. Ligio ti Wiodiws aod disable the BIOS passwird Aoswern B http://www.justcerts.com