EC-COUNCIL EC0-349 Online Practice Questions and Exam Preparation

EC-COUNCIL EC0-349 Online Questions & Answers

• Question 51:

  All Blackberry email is eventually sent and received through what proprietary RIM-operated mechanism?

  A. Blackberry Message Center
  B. Microsoft Exchange
  C. Blackberry WAP gateway
  D. Blackberry WEP gateway
  A. Blackberry Message Center

• Question 52:

  The MD5 program is used to:

  A. wipe magnetic media before recycling it
  B. make directories on an evidence disk
  C. view graphics files on an evidence drive
  D. verify that a disk is not altered when you examine it
  D. verify that a disk is not altered when you examine it

• Question 53:

  While looking through the IIS log file of a web server, you find the following entries:

  

  What is evident from this log file?

  A. Web bugs
  B. Cross site scripting
  C. Hidden fields
  D. SQL injection is possible
  D. SQL injection is possible

• Question 54:

  The use of warning banners helps a company avoid litigation by overcoming an employee assumed __________________________. When connecting to the company's intranet, network or Virtual Private Network(VPN) and will allow the company's investigators to monitor, search and retrieve information stored within the network.

  A. Right to work
  B. Right of free speech
  C. Right to Internet Access
  D. Right of Privacy
  D. Right of Privacy

• Question 55:

  How many characters long is the fixed-length MD5 algorithm checksum of a critical system file?

  A. 16
  B. 32
  C. 64
  D. 48
  B. 32

• Question 56:

  Your company's network just finished going through a SAS 70 audit. This audit reported that overall, your network is secure, but there are some areas that needs improvement. The major area was SNMP security. The audit company recommended turning off SNMP, but that is not an option since you have so many remote nodes to keep track of. What step could you take to help secure SNMP on your network?

  A. Block all internal MAC address from using SNMP
  B. Block access to UDP port 171
  C. Block access to TCP port 171
  D. Change the default community string names
  D. Change the default community string names

• Question 57:

  What type of flash memory card comes in either Type I or Type II and consumes only five percent of the power required by small hard drives?

  A. SD memory
  B. CF memory
  C. MMC memory
  D. SM memory
  B. CF memory

• Question 58:

  Which forensic investigating concept trails the whole incident from how the attack began to how the victim was affected?

  A. Point-to-point
  B. End-to-end
  C. Thorough
  D. Complete event analysis
  B. End-to-end

• Question 59:

  Heather, a computer forensics investigator, is assisting a group of investigators working on a large computer fraud case involving over 20 people. These 20 people, working in different offices, allegedly siphoned off money from many different client accounts. Heather responsibility is to find out how the accused people communicated between each other. She has searched their email and their computers and has not found any useful evidence. Heather then finds some possibly useful evidence under the desk of one of the accused. In an envelope she finds a piece of plastic with numerous holes cut out of it. Heather then finds the same exact piece of plastic with holes at many of the other accused peoples desks. Heather believes that the 20 people involved in the case were using a cipher to send secret messages in between each other. What type of cipher was used by the accused in this case?

  A. Grill cipher
  B. Null cipher
  C. Text semagram
  D. Visual semagram
  A. Grill cipher

• Question 60:

  What is the smallest physical storage unit on a hard drive?

  A. Track
  B. Cluster
  C. Sector
  D. Platter
  C. Sector