EC-COUNCIL EC0-349 Online Practice Questions and Exam Preparation

EC-COUNCIL EC0-349 Online Questions & Answers

• Question 121:

  Cylie is investigating a network breach at a state organization in Florida. She discovers that the intruders were able to gain access into the company firewalls by overloading them with IP packets. Cylie then discovers through her investigation that the intruders hacked into the company phone system and used the hard drives on their PBX system to store shared music files. What would this attack on the company PBX system be called?

  A. Phreaking
  B. Squatting
  C. Crunching
  D. Pretexting
  A. Phreaking

• Question 122:

  What is considered a grant of a property right given to an individual who discovers or invents a new machine, process, useful composition of matter or manufacture?

  A. Copyright
  B. Design patent
  C. Trademark
  D. Utility patent
  D. Utility patent

• Question 123:

  When investigating a network that uses DHCP to assign IP addresses, where would you look to determine which system (MAC address) had a specific IP address at a specific time?

  A. on the individual computer's ARP cache
  B. in the Web Server log files
  C. in the DHCP Server log files
  D. there is no way to determine the specific IP address
  C. in the DHCP Server log files

• Question 124:

  The objective of this act was to protect consumers' personal financial information held by financial institutions and their service providers.

  A. Gramm-Leach-Bliley Act
  B. Sarbanes-Oxley 2002
  C. California SB 1386
  D. HIPAA
  A. Gramm-Leach-Bliley Act

• Question 125:

  In General, __________________ Involves the investigation of data that can be retrieved from the hard disk or other disks of a computer by applying scientific methods to retrieve the data.

  A. Network Forensics
  B. Data Recovery
  C. Disaster Recovery
  D. Computer Forensics
  D. Computer Forensics

• Question 126:

  A picture file is recovered from a computer under investigation. During the investigation process, the file is enlarged 500% to get a better view of its contents. The picture quality is not degraded at all from this process. What kind of picture is this file. What kind of picture is this file?

  A. Raster image
  B. Vector image
  C. Metafile image
  D. Catalog image
  B. Vector image

• Question 127:

  What is the CIDR from the following screenshot?

  

  A. /24A./24A./24
  B. /32 B./32 B./32
  C. /16 C./16 C./16
  D. /8D./8D./8
  D. /8D./8D./8

• Question 128:

  When carrying out a forensics investigation, why should you never delete a partition on a dynamic disk?

  A. All virtual memory will be deleted
  B. The wrong partition may be set to active
  C. This action can corrupt the disk
  D. The computer will be set in a constant reboot state
  C. This action can corrupt the disk

• Question 129:

  If you are concerned about a high level of compression but not concerned about any possible data loss, what type of compression would you use?

  A. Lossful compression
  B. Lossy compression
  C. Lossless compression
  D. Time-loss compression
  B. Lossy compression

• Question 130:

  Hackers can gain access to Windows Registry and manipulate user passwords, DNS settings, access rights or others features that they may need in order to accomplish their objectives. One simple method for loading an application at startup is to add an entry (Key) to the following Registry Hive:

  A. HKEY_LOCAL_MACHINE\hardware\windows\start
  B. HKEY_LOCAL_USERS\Software\Microsoft\old\Version\Load
  C. HKEY_CURRENT_USER\Microsoft\Default
  D. HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\Run
  D. HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\Run