[Free] 2018(Jan) EnsurePass Testking ECCouncil EC1-349 Dumps with VCE and PDF 191-200

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC1-349
100% Free Download! 100% Pass Guaranteed!

ECCouncil Computer Hacking Forensic Investigator

Question No: 191 – (Topic 2)

Which of the following refers to the data that might still exist in a cluster even though the original file has been overwritten by another file?

  1. Sector

  2. Metadata

  3. MFT

  4. Slack Space

Answer: D

Question No: 192 – (Topic 2)

What type of flash memory card comes in either Type I or Type II and consumes only five percent of the power required by small hard drives?

  1. SD memory

  2. CF memory

  3. MMC memory

  4. SM memory

Answer: B

Question No: 193 – (Topic 2)

Harold wants to set up a firewall on his network but is not sure which one would be the most appropriate. He knows he needs to allow FTP traffic to one of the servers on his network, but he wants to only allow FTP-PUT. Which firewall would be most appropriate for Harold? needs?

  1. Packet filtering firewall

  2. Circuit-level proxy firewall

  3. Application-level proxy firewall

  4. Data link layer firewall

Answer: C

Question No: 194 – (Topic 2)

When conducting computer forensic analysis, you must guard against

So that you remain focused on the primary job and insure that the level of work does not increase beyond what was originally expected.

  1. Hard Drive Failure

  2. Scope Creep

  3. Unauthorized expenses

  4. Overzealous marketing

Answer: B

Question No: 195 – (Topic 2)

Julia is a senior security analyst for Berber Consulting group. She is currently working on a contract for a small accounting firm in Florida. They have given her permission to perform social engineering attacks on the company to see if their in-house training did any good.

Julia calls the main number for the accounting firm and talks to the receptionist. Julia says that she is an IT technician from the company#39;s main office in Iowa. She states that she needs the receptionist#39;s network username and password to troubleshoot a problem they are having. Julia says that Bill Hammond, the CEO of the company, reQuested this information. After hearing the name of the CEO, the receptionist gave Julia all the information she asked for. What principal of social engineering did Julia use?

  1. Social Validation

  2. Friendship/Liking

  3. Reciprocation

  4. Scarcity

Answer: C

Question No: 196 – (Topic 2)

Melanie was newly assigned to an investigation and asked to make a copy of all the evidence from the compromised system. Melanie did a DOS copy of all the files on the system. What would be the primary reason for you to recommend a disk imaging tool?

  1. A disk imaging tool would check for CRC32s for internal self checking and validation and have MD5 checksum

  2. Evidence file format will contain case data entered by the examiner and encrypted at the beginning of the evidence file

  3. A simple DOS copy will not include deleted files, file slack and other information

  4. There is no case for an imaging tool as it will use a closed, proprietary format that if compared to the original will not match up sector for sector

Answer: C

Question No: 197 – (Topic 2)

After undergoing an external IT audit, George realizes his network is vulnerable to DDoS attacks. What countermeasures could he take to prevent DDoS attacks?

  1. Enable BGP

  2. Enable direct broadcasts

  3. Disable BGP

  4. Disable direct broadcasts

Answer: D

Question No: 198 – (Topic 2)

Michael works for Kimball Construction Company as senior security analyst. As part of yearly security audit, Michael scans his network for vulnerabilities. Using Nmap, Michael conducts XMAS scan and most of the ports scanned do not give a response. In what state are these ports?

  1. Filtered

  2. Closed

  3. Open

  4. Stealth

Answer: C

Question No: 199 – (Topic 2)

John and Hillary works at the same department in the company. John wants to find out Hillary#39;s network password so he can take a look at her documents on the file server. He enables Lophtcrack program to sniffing mode. John sends Hillary an email with a link to Error! Reference source not found. What information will he be able to gather from this?

  1. The SID of Hillary network account

  2. The SAM file from Hillary computer

  3. The network shares that Hillary has permissions

  4. Hillary network username and password hash

Answer: D Explanation:

Note: From the question, we would have to assume that John is not the Administrator, since he needs to run L0phtcrack in sniffing mode. But what if the company is using switches instead of Hubs? John would either try to degarde the switch or perform a man in the middle attack.

Question No: 200 – (Topic 2)

George is performing security analysis for Hammond and Sons LLC. He is testing security vulnerabilities of their wireless network. He plans on remaining as quot;stealthyquot; as possible during the scan. Why would a scanner like Nessus is not recommended in this situation?

  1. Nessus cannot perform wireless testing

  2. Nessus is too loud

  3. There are no ways of performing a quot;stealthyquot; wireless scan

  4. Nessus is not a network scanner

Answer: B

100% Ensurepass Free Download!
Download Free Demo:EC1-349 Demo PDF
100% Ensurepass Free Guaranteed!
EC1-349 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No