EC1-349 Exam Details

  • Exam Code: EC1-349
  • Exam Name: Computer Hacking Forensic Investigator (CHFI)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 486 Q&As
  • Last Updated: Dec 19, 2024

EC-COUNCIL EC1-349 Online Questions & Answers

  • Question 301:

    How often must a company keep log files for them to be admissible in a court of law?

    A. All log files are admissible in court no matter their frequency
    B. Weekly
    C. Monthly
    D. Continuously

  • Question 302:

    George is performing security analysis for Hammond and Sons LLC. He is testing security vulnerabilities of their wireless network. He plans on remaining as "stealthy" as possible during the scan. Why would a scanner like Nessus not be recommended in this situation?

    A. Nessus cannot perform wireless testing
    B. Nessus is too loud
    C. There are no ways of performing a "stealthy" wireless scan
    D. Nessus is not a network scanner

  • Question 303:

    What header field in the TCP/IP protocol stack involves the hacker exploit known as the Ping of Death?

    A. ICMP header field
    B. TCP header field
    C. IP header field
    D. UDP header field

  • Question 304:

    What will the following command accomplish in Linux? fdisk /dev/hda

    A. Partition the hard drive
    B. Format the hard drive
    C. Delete all files under the /dev/hda folder
    D. Fill the disk with zeros

  • Question 305:

    When a file or folder is deleted, the complete path, including the original file name, is stored in a special hidden file called "INFO2" in the Recycled folder. If the INFO2 file is deleted, it is re-created when you ___________.

    A. Restart Windows
    B. Kill the running processes in Windows task manager
    C. Run the antivirus tool on the system
    D. Run the anti-spyware tool on the system

  • Question 306:

    How many bits is the Source Port Number in the TCP header?

    A. 16
    B. 48
    C. 32
    D. 64

  • Question 307:

    A suspect is accused of violating the acceptable use of computing resources, as he has visited adult websites and downloaded images. The investigator wants to demonstrate that the suspect did indeed visit these sites. However, the suspect has cleared the search history and emptied the cookie cache. Moreover, he has removed any images he might have downloaded. What can the investigator do to prove the violation? Choose the most feasible option.

    A. Image the disk and try to recover deleted files
    B. Seek the help of co-workers who are eye-witnesses
    C. Check the Windows registry for connection data (You may or may not recover)
    D. Approach the websites for evidence

  • Question 308:

    How many sectors will a 125 KB file use in a FAT32 file system?

    A. 32
    B. 16
    C. 250
    D. 25

  • Question 309:

    Which of the following commands shows you the names of all open shared files on a server and the number of file locks on each file?

    A. Net sessions
    B. Net file
    C. Netconfig
    D. Net share

  • Question 310:

    Which is a Linux journaling file system?

    A. Ext3
    B. HFS
    C. FAT
    D. BFS

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only EC-COUNCIL exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your EC1-349 exam preparation and EC-COUNCIL certification application, do not hesitate to visit Vcedump.com to find your solutions.