[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil EC1-349 Dumps with VCE and PDF 131-140

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC1-349
100% Free Download! 100% Pass Guaranteed!

ECCouncil Computer Hacking Forensic Investigator

Question No: 131 – (Topic 2)

Using Internet logging software to investigate a case of malicious use of computers, the investigator comes across some entries that appear odd.

Ensurepass 2018 PDF and VCE

From the log, the investigator can see where the person in question went on the Internet. From the log, it appears that the user was manually typing in different user ID numbers. What technique this user was trying?

  1. Parameter tampering

  2. Cross site scripting

  3. SQL injection

  4. Cookie Poisoning Cookie Poisoning

Answer: A

Question No: 132 – (Topic 2)

You are assisting in the investigation of a possible Web Server hack. The company who called you stated that customers reported to them that whenever they entered the web address of the company in their browser, what they received was a pornographic web site. The company checked the web server and nothing appears wrong. When you type in the IP address of the web site in your browser everything appears normal. What is the name of the attack that affects the DNS cache of the name resolution servers, resulting in those servers directing users to the wrong web site?

  1. ARP Poisoning

  2. DNS Poisoning

  3. HTTP redirect attack

  4. IP Spoofing

Answer: B

Question No: 133 – (Topic 2)

When investigating a Windows System, it is important to view the contents of the page or swap file because:

  1. Windows stores all of the systems configuration information in this file

  2. This is file that windows use to communicate directly with Registry

  3. A Large volume of data can exist within the swap file of which the computer user has no knowledge

  4. This is the file that windows use to store the history of the last 100 commands that were

run from the command line

Answer: C

Question No: 134 – (Topic 2)

How many possible sequence number combinations are there in TCP/IP protocol?

  1. 320 billion

  2. 1 billion

  3. 4 billion

  4. 32 million

Answer: C

Question No: 135 – (Topic 2)

You are a security analyst performing reconnaissance on a company you will be carrying out a penetration test for. You conduct a search for IT jobs on Dice.com and find the following information for an open position: 7 years experience in Windows Server environment 5 years experience in Exchange 2000/2003 environment Experience with Cisco Pix Firewall, Linksys 1376 router, Oracle 11i and MYOB v3.4 Accounting software are reQuired MCSA desired, MCSE, CEH preferred No Unix/Linux Experience needed What is this information posted on the job website considered?

  1. Trade secret

  2. Social engineering exploit

  3. Competitive exploit

  4. Information vulnerability

Answer: D

Question No: 136 – (Topic 2)

Which response organization tracks hoaxes as well as viruses?

  1. NIPC


  3. CERT

  4. CIAC

Answer: D

Explanation: Note: CIAC (Computer Incident Advisory Capability)

Was run by the US Department of energy

Question No: 137 – (Topic 2)

The rule of thumb when shutting down a system is to pull the power plug. However, it has certain drawbacks. Which of the following would that be?

  1. Any data not yet flushed to the system will be lost

  2. All running processes will be lost

  3. The /tmp directory will be flushed

  4. Power interruption will corrupt the pagefile

Answer: A,B

Explanation: Volitile memory will be lost.

Data is not flushed to the system, it is flushed to the disk.

Question No: 138 – (Topic 2)

Which forensic investigating concept trails the whole incident from how the attack began to how the victim was affected?

  1. Point-to-point

  2. End-to-end

  3. Thorough

  4. Complete event analysis

Answer: B

Question No: 139 – (Topic 2)

Why would you need to find out the gateway of a device when investigating a wireless attack?

  1. The gateway will be the IP of the proxy server used by the attacker to launch the attack

  2. The gateway will be the IP of the attacker computerThe gateway will be the IP of the attacker? computer

  3. The gateway will be the IP used to manage the RADIUS server

  4. The gateway will be the IP used to manage the access point

Answer: D

Question No: 140 – (Topic 2)

You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?

  1. Oligomorhic

  2. Transmorphic

  3. Polymorphic

  4. Metamorphic

Answer: D

100% Ensurepass Free Download!
Download Free Demo:EC1-349 Demo PDF
100% Ensurepass Free Guaranteed!
EC1-349 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.