EC1-349 Exam Details

  • Exam Code: EC1-349
  • Exam Name: Computer Hacking Forensic Investigator (CHFI)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 486 Q&As
  • Last Updated: Dec 19, 2024

EC-COUNCIL EC1-349 Online Questions & Answers

  • Question 251:

    Networks are vulnerable to an attack which occurs due to overextension of bandwidth, bottlenecks, network data interception, etc.

    Which of the following network attacks refers to a process in which an attacker changes his or her IP address so that he or she appears to be someone else?

    A. IP address spoofing
    B. Man-in-the-middle attack
    C. Denial of Service attack
    D. Session sniffing

  • Question 252:

    Which of the following password cracking techniques works like a dictionary attack, but adds some numbers and symbols to the words from the dictionary and tries to crack the password?

    A. Brute forcing attack
    B. Hybrid attack
    C. Syllable attack
    D. Rule-based attack

  • Question 253:

    A state department site was recently attacked and all the servers had their disks erased. The incident response team sealed the area and commenced investigation. During evidence collection they came across a zip disk that did not have the standard labeling on it. The incident team ran the disk on an isolated system and found that the system disk was accidentally erased. They decided to call in the FBI for further investigation. Meanwhile, they shortlisted possible suspects including three summer interns. Where did the incident team go wrong?

    A. They examined the actual evidence on an unrelated system
    B. They attempted to implicate personnel without proof
    C. They tampered with evidence by using it
    D. They called in the FBI without correlating with the fingerprint data

  • Question 254:

    Madison is on trial for allegedly breaking into her university's internal network. The police raided her dorm room and seized all of her computer equipment. Madison's lawyer is trying to convince the judge that the seizure was unfounded and baseless. Which US Amendment is Madison's lawyer trying to prove the police violated?

    A. The 10th Amendment
    B. The 5th Amendment
    C. The 1st Amendment
    D. The 4th Amendment

  • Question 255:

    Printing under a Windows computer normally requires which one of the following file types to be created?

    A. EME
    B. MEM
    C. EMF
    D. CME

  • Question 256:

    Log management includes all the processes and techniques used to collect, aggregate, and analyze computer-generated log messages. It consists of the hardware, software, network and media used to generate, transmit, store, analyze, and dispose of log data.

    A. True
    B. False

  • Question 257:

    How do you define Technical Steganography?

    A. Steganography that uses physical or chemical means to hide the existence of a message
    B. Steganography that utilizes written natural language to hide the message in the carrier in some non-obvious ways
    C. Steganography that utilizes written JAVA language to hide the message in the carrier in some non-obvious ways
    D. Steganography that utilizes visual symbols or signs to hide secret messages

  • Question 258:

    The following is a log file screenshot from a default installation of IIS 6.0.

    What time standard is used by IIS as seen in the screenshot?

    A. UTC
    B. GMT
    C. TAI
    D. UT

  • Question 259:

    Diskcopy is:

    A. a utility by AccessData
    B. a standard MS-DOS command
    C. Digital Intelligence utility
    D. dd copying tool

  • Question 260:

    To test your website for vulnerabilities, you type in a quotation mark for the username field. After you click Ok, you receive the following error message window:

    What can you infer from this error window?

    A. SQL injection is not possible
    B. SQL injection is possible
    C. The user for line 3306 in the SQL database has a weak password
    D. The quotation mark is a valid username
