[Free] 2018(Jan) EnsurePass Testking ECCouncil EC0-479 Dumps with VCE and PDF 141-150

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC0-479
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 141 – (Topic 3)

You are called in to assist the police in an investigation involving a suspected drug dealer. The suspects house was searched by the police after a warrant was obtained and they located a floppy disk in the suspects bedroom. The disk contains several files, but they appear to be password protecteD. What are two common methods used by password cracking software that you can use to obtain the password?

  1. Limited force and library attack

  2. Brute Force and dictionary Attack

  3. Maximum force and thesaurus Attack

  4. Minimum force and appendix Attack

Answer: B

Question No: 142 – (Topic 3)

When examining a hard disk without a write-blocker, you should not start windows because Windows will write data to the:

  1. Recycle Bin

  2. MSDOS.sys

  3. BIOS D. Case files

Answer: A

Question No: 143 – (Topic 3)

An Employee is suspected of stealing proprietary information belonging to your company that he had no rights to possess. The information was stored on the Employees Computer that was protected with the NTFS Encrypted File System (EFS) and you had observed him copy the files to a floppy disk just before leaving work for the weekenD. You detain the Employee before he leaves the building and recover the floppy disks and secure his computer. Will you be able to break the encryption so that you can verify that that the employee was in possession of the proprietary information?

  1. EFS uses a 128- bit key that cant be cracked, so you will not be able to recover the information

  2. When the encrypted file was copied to the floppy disk, it was automatically unencrypted, so you can recover the information

  3. The EFS Revoked Key Agent can be used on the Computer to recover the information

  4. When the Encrypted file was copied to the floppy disk, the EFS private key was also copied to the floppy disk, so you can recover the information.

Answer: B

Question No: 144 – (Topic 3)

What type of file is represented by a colon (:) with a name following it in the Master File Table of NTFS disk?

  1. A compressed file

  2. A Data stream file

  3. An encrypted file

  4. A reserved file

Answer: B

Question No: 145 – (Topic 3)

In Microsoft file structures, sectors are grouped together to form:

  1. Clusters

  2. Drives

  3. Bitstreams

  4. Partitions

Answer: A

Question No: 146 – (Topic 3)

While working for a prosecutor, What do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense ?

  1. Keep the information of file for later review

  2. Destroy the evidence

  3. Bring the information to the attention of the prosecutor, his or her supervisor or finally to

    the judge

  4. Present the evidence to the defense attorney

Answer: C

Question No: 147 – (Topic 3)

When a file is deleted by Windows Explorer or through the MS-DOS delete command, the operating system inserts in the first letter position of the filename in the FAT database.

  1. A Capital X

  2. A Blank Space

  3. The Underscore Symbol

  4. The lowercase Greek Letter Sigma (s)

Answer: D

Question No: 148 – (Topic 3)

When you carve an image, recovering the image depends on which of the following skills?

  1. Recognizing the pattern of the header content

  2. Recovering the image from a tape backup

  3. Recognizing the pattern of a corrupt file

  4. Recovering the image from the tape backup

Answer: A

Question No: 149 – (Topic 3)

In General, Involves the investigation of data that can be retrieved from the hard disk or other disks of a computer by applying scientific methods to retrieve the datA.

  1. Network Forensics

  2. Data Recovery

  3. Disaster Recovery

  4. Computer Forensics

Answer: D

Topic 4, Volume D

Question No: 150 – (Topic 4)

When conducting computer forensic analysis, you must guard against So that you remain focused on the primary job and insure that the level of work does not increase beyond what was originally expecteD.

  1. Hard Drive Failure

  2. Scope Creep

  3. Unauthorized expenses

  4. Overzealous marketing

Answer: B

100% Ensurepass Free Download!
Download Free Demo:EC0-479 Demo PDF
100% Ensurepass Free Guaranteed!
EC0-479 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No