[Free] 2018(Jan) EnsurePass Testking ECCouncil EC1-349 Dumps with VCE and PDF 81-90

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC1-349
100% Free Download! 100% Pass Guaranteed!

ECCouncil Computer Hacking Forensic Investigator

Question No: 81 – (Topic 2)

What will the following command produce on a website login page?

SELECT email, passwd, login_id, full_name FROM members WHERE email = #39;someone@somehwere.com#39;;

DROP TABLE members; -#39;

  1. Retrieves the password for the first user in the members table

  2. This command will not produce anything since the syntax is incorrect

  3. Deletes the entire members table

  4. Inserts the Error! Reference source not found. email address into the members table

Answer: C

Explanation: The third line deletes the table named members.

Question No: 82 – (Topic 2)

In handling computer-related incidents, which IT role should be responsible for recovery, containment, and prevention to constituents?

  1. Security Administrator

  2. Network Administrator

  3. Director of Information Technology

  4. Director of Administration

Answer: B

Question No: 83 – (Topic 2)

This type of testimony is presented by someone who does the actual fieldwork and does not offer a view in court.

  1. Civil litigation testimony

  2. Expert testimony

  3. Victim advocate testimony Technical testimony

Question No: 84 – (Topic 2)

The use of warning banners helps a company avoid litigation by overcoming an employees assumed when connecting to the company intranet, network, or virtual private network (VPN) and will allow the company investigators to monitor, search, and retrievecompany? intranet, network, or virtual private network (VPN) and will allow the company? investigators to monitor, search, and retrieve information stored within the network.

  1. Right to work

  2. Right of free speech

  3. Right to Internet access

  4. Right of privacy

Answer: D

Question No: 85 – (Topic 2)

When investigating a computer forensics case where Microsoft Exchange and Blackberry Enterprise server are used, where would investigator need to search to find email sent from a Blackberry device?

  1. RIM Messaging center

  2. Blackberry Enterprise server

  3. Microsoft Exchange server

  4. Blackberry desktop redirector

Answer: C

Question No: 86 – (Topic 2)

This organization maintains a database of hash signatures for known software

  1. International Standards Organization

  2. Institute of Electrical and Electronics Engineers

  3. National Software Reference Library

  4. American National standards Institute

Answer: C

Question No: 87 – (Topic 2)

At what layer of the OSI model do routers function on?

  1. 4

  2. 3

  3. 1

  4. 5

Answer: B

Question No: 88 – (Topic 2)

Office documents (Word, Excel, PowerPoint) contain a code that allows tracking the MAC, or unique identifier, of the machine that created the document.

What is that code called?

  1. the Microsoft Virtual Machine Identifier

  2. the Personal Application Protocol

  3. the Globally Unique ID

  4. the Individual ASCII String

Answer: C

Question No: 89 – (Topic 2)

Volatile Memory is one of the leading problems for forensics. Worms such as code Red are memory resident and do not write themselves to the hard drive, if you turn the system off they disappear. In a lab environment, which of the following options would you suggest as the most appropriate to overcome the problem of capturing volatile memory?

  1. Use Vmware to be able to capture the data in memory and examine it

  2. Give the Operating System a minimal amount of memory, forcing it to use a swap file

  3. Create a Separate partition of several hundred megabytes and place the swap file there

  4. Use intrusion forensic techniques to study memory resident infections

Answer: A,C

Question No: 90 – (Topic 2)

Your company#39;s network just finished going through a SAS 70 audit. This audit reported that overall, your network is secure, but there are some areas that needs improvement. The major area was SNMP security. The audit company recommended turning off SNMP, but that is not an option since you have so many remote nodes to keep track of. What step could you take to help secure SNMP on your network?

  1. Block access to TCP port 171

  2. Change the default community string names

  3. Block all internal MAC address from using SNMP

  4. Block access to UDP port 171

Answer: B

100% Ensurepass Free Download!
Download Free Demo:EC1-349 Demo PDF
100% Ensurepass Free Guaranteed!
EC1-349 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No