Free EC-Council EC0-349 Exam Braindumps (page: 16)

What binary coding is used most often for e-mail purposes?

  1. SMTP
  2. IMAP
  3. Uuencode
  4. MIME

Answer(s): C



In the context of the file deletion process, which of the following statements holds true?

  1. The longer a disk is in use, the less likely it is that deleted files will be overwritten
  2. Secure delete programs work by completely overwriting the file in one go
  3. When files are deleted, the data is overwritten and the cluster marked as available
  4. While booting, the machine may create temporary files that can delete evidence

Answer(s): D



When performing a forensics analysis, what device is used to prevent the system from recording data on an evidence disk?

  1. a write-blocker
  2. a disk editor
  3. a protocol analyzer
  4. a firewall

Answer(s): A



Chris has been called upon to investigate a hacking incident reported by one of his clients. The company suspects the involvement of an insider accomplice in the attack. Upon reaching the incident scene, Chris secures the physical area and records the scene using visual media. He shuts the system down by pulling the power plug so that he does not disturb the system in any way. He labels all cables and connectors prior to disconnecting any. What do you think would be the next sequence of events?

  1. Connect the target media; Prepare the system for acquisition; Secure the evidence; Copy the media
  2. Prepare the system for acquisition; Connect the target media; Copy the media; Secure the evidence
  3. Connect the target media; Prepare the system for acquisition; Secure the evidence; Copy the media
  4. Secure the evidence; Prepare the system for acquisition; Connect the target media; Copy the media

Answer(s): B





