EC-COUNCIL EC1-349 Online Practice Questions and Exam Preparation

EC-COUNCIL EC1-349 Online Questions & Answers

• Question 151:

  The IIS log file format is a fixed (cannot be customized) ASCII text-based format. The IIS format includes basic items, such as client IP address, user name, date and time, service and instance, server name and IP address, request type, target of operation, etc. Identify the service status code from the following IIS log.

  192.168.100.150, -, 03/6/11, 8:45:30, W3SVC2, SERVER, 172.15.10.30, 4210, 125, 3524, 100, 0, GET, /dollerlogo.gif,

  A. W3SVC2
  B. 4210
  C. 3524
  D. 100
  D. 100

• Question 152:

  Why is it Important to consider health and safety factors in the work carried out at all stages of the forensic process conducted by the forensic analysts?

  A. This is to protect the staff and preserve any fingerprints that may need to be recovered at a later date
  B. All forensic teams should wear protective latex gloves which makes them look professional and cool
  C. Local law enforcement agencies compel them to wear latest gloves
  D. It is a part of ANSI 346 forensics standard
  A. This is to protect the staff and preserve any fingerprints that may need to be recovered at a later date

• Question 153:

  Where are files temporarily written in Unix when printing?

  A. /usr/spool
  B. /var/print
  C. /spool
  D. /var/spool
  D. /var/spool

• Question 154:

  A computer forensic report is a report which provides detailed information on the complete forensics investigation process.

  A. True
  B. False
  A. True

• Question 155:

  Using Internet logging software to investigate a case of malicious use of computers, the investigator comes across some entries that appear odd.

  

  From the log, the investigator can see where the person in question went on the Internet. From the log, it appears that the user was manually typing in different user ID numbers. What technique this user was trying?

  A. Parameter tampering
  B. Cross site scripting
  C. SQL injection
  D. Cookie Poisoning Cookie Poisoning
  A. Parameter tampering

• Question 156:

  Before you are called to testify as an expert, what must an attorney do first?

  A. engage in damage control
  B. prove that the tools you used to conduct your examination are perfect
  C. read your curriculum vitae to the jury
  D. qualify you as an expert witness
  D. qualify you as an expert witness

• Question 157:

  What type of attack sends SYN requests to a target system with spoofed IP addresses?

  A. SYN flood
  B. Ping of death
  C. Cross site scripting
  D. Land
  A. SYN flood

• Question 158:

  Which root folder (hive) of registry editor contains a vast array of configuration information for the system, including hardware settings and software settings?

  A. HKEY_USERS
  B. HKEY_CURRENT_USER
  C. HKEY_LOCAL_MACHINE
  D. HKEY-CURRENT_CONFIG
  C. HKEY_LOCAL_MACHINE

• Question 159:

  This organization maintains a database of hash signatures for known software

  A. International Standards Organization
  B. Institute of Electrical and Electronics Engineers
  C. National Software Reference Library
  D. American National standards Institute
  C. National Software Reference Library

• Question 160:

  You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web

  security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities:

  When you type this and click on search, you receive a pop-up window that says:

  "This is a test." What is the result of this test?

  A. Your website is vulnerable to SQL injection
  B. Your website is vulnerable to CSS
  C. Your website is vulnerable to web bugs
  D. Your website is not vulnerable
  B. Your website is vulnerable to CSS