1. Home
  2. EC-COUNCIL
  3. EC1-349

EC-COUNCIL EC1-349 Online Practice Questions and Exam Preparation

EC1-349 Exam Details

  • Exam Code
    :EC1-349
  • Exam Name
    :Computer Hacking Forensic Investigator (CHFI)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :486 Q&As
  • Last Updated
    :Dec 19, 2024

EC-COUNCIL EC1-349 Online Questions & Answers

  • Question 351:

    In a FAT32 system, a 123 KB file will use how many sectors?

    A. 34
    B. 25
    C. 11
    D. 56
    E. 246

  • Question 352:

    Digital evidence is not fragile in nature.

    A. True
    B. False

  • Question 353:

    Which of the following reports are delivered under oath to a board of directors/managers/panel of jury?

    A. Written informal Report
    B. Verbal Formal Report
    C. Written Formal Report
    D. Verbal Informal Report

  • Question 354:

    An "idle" system is also referred to as what?

    A. PC not connected to the Internet
    B. PC not being used
    C. Zombie
    D. Bot

  • Question 355:

    What type of attack sends spoofed UDP packets (instead of ping packets) with a fake source address to the IP broadcast address of a large network?

    A. Fraggle
    B. Smurf scan
    C. SYN flood
    D. Teardrop

  • Question 356:

    What should you do when approached by a reporter about a case that you are working on or have worked on?

    A. Refer the reporter to the attorney that retained you
    B. Say, o comment?Say, ?o comment
    C. Answer all the reporter questions as completely as possibleAnswer all the reporter? questions as completely as possible
    D. Answer only the questions that help your case

  • Question 357:

    If the partition size Is 4 GB, each cluster will be 32 K. Even If a file needs only 10 K, the entire 32 K will be allocated, resulting In 22 K of___________.

    A. Slack space
    B. Deleted space
    C. Cluster space
    D. Sector space

  • Question 358:

    Buffer Overflow occurs when an application writes more data to a block of memory, or buffer, than the buffer is allocated to hold. Buffer overflow attacks allow an attacker to modify the _______________in order to control the process execution, crash the process and modify internal variables.

    A. Target process's address space
    B. Target remote access
    C. Target rainbow table
    D. Target SAM file

  • Question 359:

    When investigating a computer forensics case where Microsoft Exchange and Blackberry Enterprise server are used, where would investigator need to search to find email sent from a Blackberry device?

    A. RIM Messaging center
    B. Blackberry Enterprise server
    C. Microsoft Exchange server
    D. Blackberry desktop redirector

  • Question 360:

    If you come across a sheepdip machine at your client site, what would you infer?

    A. A sheepdip coordinates several honeypots
    B. A sheepdip computer is another name for a honeypot
    C. A sheepdip computer is used only for virus-checking.
    D. A sheepdip computer defers a denial of service attack

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC1-349 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.