[Free] 2018(Jan) EnsurePass Pass4sure ECCouncil EC1-349 Dumps with VCE and PDF 71-80


ECCouncil Computer Hacking Forensic Investigator

Question No: 71 – (Topic 1)

Davidson Trucking is a small transportation company that has three local offices in Detroit, Michigan. Ten female employees that work for the company have gone to an attorney reporting that male employees repeatedly harassed them and that management did nothing to stop the problem. Davidson has employee policies that outline all company guidelines, including awareness on harassment and how it will not be tolerated. When the case is brought to court, whom should the prosecuting attorney call upon for not upholding company policy?

  1. IT personnel

  2. Employees themselves

  3. Supervisors

  4. Administrative assistant in charge of writing policies

Answer: C

Question No: 72 – (Topic 1)

When investigating a network that uses DHCP to assign IP addresses, where would you look to determine which system (MAC address) had a specific IP address at a specific time?

  1. On the individual computer's ARP cache

  2. In the Web Server log files

  3. In the DHCP Server log files

  4. There is no way to determine the specific IP address

Answer: C

Question No: 73 – (Topic 1)

When performing a forensics analysis, what device is used to prevent the system from recording data on an evidence disk?

  1. Write-blocker

  2. Protocol analyzer

  3. Firewall

  4. Disk editor

Answer: A

Question No: 74 – (Topic 1)

John is working on his company's policies and guidelines. The section he is currently working on covers company documents; how they should be handled, stored, and eventually destroyed. John is concerned about the process whereby outdated documents are destroyed. What type of shredder should John write in the guidelines to be used when destroying documents?

  1. Strip-cut shredder

  2. Cross-cut shredder

  3. Cross-hatch shredder

  4. Cris-cross shredder

Answer: B

Question No: 75 – (Topic 1)

An on-site incident response team is called to investigate an alleged case of computer tampering within their company. Before proceeding with the investigation, the CEO informs them that the incident will be classified as "low level". How long will the team have to respond to the incident?

  1. One working day

  2. Two working days

  3. Immediately

  4. Four hours

Answer: A

Topic 2, Volume B

Question No: 76 – (Topic 2)

While working for a prosecutor, what do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense?

  1. Keep the information on file for later review

  2. Destroy the evidence

  3. Bring the information to the attention of the prosecutor, his or her supervisor or finally to the judge

  4. Present the evidence to the defense attorney

Answer: C

Question No: 77 – (Topic 2)

If you see the files Zer0.tar.gz and copy.tar.gz on a Linux system while doing an investigation, what can you conclude?

  1. The system has been compromised using a t0rn rootkit

  2. The system administrator has created an incremental backup

  3. The system files have been copied by a remote attacker

  4. Nothing in particular as these can be operational files

Answer: D

Question No: 78 – (Topic 2)

To make sure the evidence you recover and analyze with computer forensics software can be admitted in court, you must test and validate the software. What group is actively providing tools and creating procedures for testing and validating computer forensics software?

  1. Computer Forensics Tools and Validation Committee (CFTVC)

  2. Association of Computer Forensics Software Manufactures (ACFSM)

  3. National Institute of Standards and Technology (NIST)

  4. Society for Valid Forensics Tools and Testing (SVFTT)

Answer: C

Question No: 79 – (Topic 2)

Click on the Exhibit button. Paulette works for an IT security consulting company that is currently performing an audit for the firm ACE Unlimited. Paulette's duties include logging on to all the company's network equipment to ensure IOS versions are up-to-date and all the other security settings are as stringent as possible. Paulette presents the following screenshot to her boss so he can inform the client about necessary changes that need to be made. From the screenshot, what changes should the client company make?

  1. The banner should include the Cisco tech support contact information as well

  2. The banner should have more detail on the version numbers for the network equipment

  3. The banner should not state "only authorized IT personnel may proceed"

  4. Remove any identifying numbers, names, or version information

Answer: D

Question No: 80 – (Topic 2)

You are a security analyst performing a penetration test for a company in the Midwest. After some initial reconnaissance, you discover the IP addresses of some Cisco routers used by the company. You type in the following URL that includes the IP address of one of the routers:

http://172.168.4.131/level/99/exec/show/config

After typing in this URL, you are presented with the entire configuration file for that router. What have you discovered?

  1. URL Obfuscation Arbitrary Administrative Access Vulnerability

  2. HTML Configuration Arbitrary Administrative Access Vulnerability

  3. Cisco IOS Arbitrary Administrative Access Online Vulnerability

  4. HTTP Configuration Arbitrary Administrative Access Vulnerability

Answer: D
