1. Home
  2. EC-COUNCIL
  3. EC0-349

EC-COUNCIL EC0-349 Online Practice Questions and Exam Preparation

EC0-349 Exam Details

  • Exam Code
    :EC0-349
  • Exam Name
    :Computer Hacking Forensic Investigator
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :325 Q&As
  • Last Updated
    :May 24, 2026

EC-COUNCIL EC0-349 Online Questions & Answers

  • Question 241:

    Jason is the security administrator of ACMA metal Corporation. One day he notices the company's Oracle database server has been compromised and the customer information along with financial data has been stolen. The financial loss will be in millions of dollars if the database gets into the hands of the competitors. Jason wants to report this crime to the law enforcement agencies immediately.

    Which organization coordinates computer crimes investigations throughout the United States?

    A. Internet Fraud Complaint Center
    B. Local or national office of the U.S. Secret Service
    C. National Infrastructure Protection Center
    D. CERT Coordination Center

  • Question 242:

    What is a good security method to prevent unauthorized users from "tailgating"?

    A. Man trap
    B. Electronic combination locks
    C. Pick-resistant locks
    D. Electronic key systems

  • Question 243:

    Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance agreement he signed with the client, Harold is performing research online and seeing how much exposure the site has received so far. Harold navigates to google.com and types in the following search. link:www.ghttech.net What will this search produce?

    A. All sites that ghttech.net links to
    B. All sites that link to ghttech.net
    C. All search engines that link to .net domains
    D. Sites that contain the code: link:www.ghttech.net

  • Question 244:

    Tyler is setting up a wireless network for his business that he runs out of his home. He has followed all the directions from the ISP as well as the wireless router manual. He does not have any encryption set and the SSID is being broadcast. On his laptop, he can pick up the wireless signal for short periods of time, but then the connection drops and the signal goes away. Eventually the wireless signal shows back up, but drops intermittently. What could be Tyler issue with his home wireless network?

    A. Computers on his wired network
    B. Satellite television
    C. 2. 4Ghz Cordless phones
    D. CB radio

  • Question 245:

    You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company clients. You have rummaged through their trash and found very little information. You do not want to set off any alarms on their network, so you plan on performing passive foot printing against their Web servers. What tool should you use?

    A. Ping sweep
    B. Nmap
    C. Netcraft
    D. Dig

  • Question 246:

    What type of attack sends SYN requests to a target system with spoofed IP addresses?

    A. SYN flood
    B. Ping of death
    C. Cross site scripting
    D. Land

  • Question 247:

    A computer forensics investigator is inspecting the firewall logs for a large financial institution that has employees working 24 hours a day, 7 days a week.

    What can the investigator infer from the screenshot seen below?

    A. A smurf attack has been attempted
    B. A denial of service has been attempted
    C. Network intrusion has occurred
    D. Buffer overflow attempt on the firewall.

  • Question 248:

    When you carve an image, recovering the image depends on which of the following skills?

    A. Recognizing the pattern of the header content
    B. Recovering the image from a tape backup
    C. Recognizing the pattern of a corrupt file
    D. Recovering the image from the tape backup

  • Question 249:

    An investigator wants to prove that an acquired image is an exact copy of the original drive. Which approach is correct?

    A. Compare MD5/SHA checksums of the original and the image (hash comparison)
    B. Open files on the original and image and compare a few samples manually
    C. Rely on the imaging tool vendor's certificate
    D. Compare file counts only

  • Question 250:

    Office documents (Word, Excel, PowerPoint) contain a code that allows tracking the MAC, or unique identifier, of the machine that created the document. What is that code called?

    A. the Microsoft Virtual Machine Identifier
    B. the Personal Application Protocol
    C. the Globally Unique ID
    D. the Individual ASCII String

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-349 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.