[Free] 2018(Jan) EnsurePass Testking ECCouncil EC1-349 Dumps with VCE and PDF 1-10

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC1-349
100% Free Download! 100% Pass Guaranteed!

ECCouncil Computer Hacking Forensic Investigator

Question No: 1 – (Topic 1)

What must be obtained before an investigation is carried out at a location?

  1. Search warrant

  2. Subpoena

  3. Habeas corpus

  4. Modus operandi

Answer: A

Question No: 2 – (Topic 1)

What happens when a file is deleted by a Microsoft operating system using the FAT file system?

  1. The file is erased and cannot be recovered

  2. The file is erased but can be recovered partially

  3. A copy of the file is stored and the original file is erased

  4. Only the reference to the file is removed from the FAT and can be recovered

Answer: D

Question No: 3 – (Topic 1)

The efforts to obtain information before a trial by demanding documents, depositions, questions and answers written under oath, written requests for admissions of fact, and examination of the scene is a description of what legal term?

  1. Detection

  2. Hearsay

  3. Spoliation

  4. Discovery

Answer: D

Question No: 4 – (Topic 1)

What hashing method is used to password protect Blackberry devices?

  1. AES

  2. RC5

  3. MD5

  4. SHA-1

Answer: D

Question No: 5 – (Topic 1)

Under confession, an accused criminal admitted to encrypting child pornography pictures and then hiding them within other pictures. What technique did the accused criminal employ?

  1. Typography

  2. Steganalysis

  3. Picture encoding

  4. Steganography

Answer: D

Question No: 6 – (Topic 1)

What term is used to describe a cryptographic technique for embedding information into something else for the sole purpose of hiding that information from the casual observer?

  1. Key escrow

  2. Steganography

  3. Rootkit

  4. Offset

Answer: B

Question No: 7 – (Topic 1)

What is the smallest physical storage unit on a hard drive?

  1. Track

  2. Cluster

  3. Sector

  4. Platter

Answer: C

Question No: 8 – (Topic 1)

Heather, a computer forensics investigator, is assisting a group of investigators working on a large computer fraud case involving over 20 people. These 20 people, working in different offices, allegedly siphoned off money from many different client accounts. Heather responsibility is to findThese 20 people, working in different offices, allegedly siphoned off money from many different client accounts. Heather? responsibility is to find out how the accused people communicated between each other. She has searched their email and their computers and has not found any useful evidence. Heather then finds some possibly useful evidence under the desk of one of the accused. In an envelope she finds a piece of plastic with numerous holes cut out of it. Heather then finds the same exact piece of plastic with holes at many of the other accused peoples?desks. Heather believes that the 20 people involved in the case were using a cipher to send secret messages in between each other. What type of cipher was used by the accused in this case?

  1. Grill cipher

  2. Null cipher

  3. Text semagram

  4. Visual semagram

Answer: A

Question No: 9 – (Topic 1)

What technique used by Encase makes it virtually impossible to tamper with evidence once it has been acquired?

  1. Every byte of the file(s) is given an MD5 hash to match against a master file

  2. Every byte of the file(s) is verified using 32-bit CRC

  3. Every byte of the file(s) is copied to three different hard drives

  4. Every byte of the file(s) is encrypted using three different methods

Answer: B

Question No: 10 – (Topic 1)

Travis, a computer forensics investigator, is finishing up a case he has been working on for over a month involving copyright infringement and embezzlement. His last task is to prepare an investigative report for the president of the company he has been working for. Travis must submit a hard copy and an electronic copy to this president. In what electronic format should Travis send this report?

  1. TIFF-8

  2. DOC

  3. WPD

  4. PDF

Answer: D

100% Ensurepass Free Download!
Download Free Demo:EC1-349 Demo PDF
100% Ensurepass Free Guaranteed!
EC1-349 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No