Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-349

Free EC-Council EC0-349 Exam Questions (page: 26)

Page 18 of 94
PDF with 374 Questions

A suspect is accused of violating the acceptable use of computing resources, as he has visited adult websites and downloaded images. The investigator wants to demonstrate that the suspect did indeed visit these sites. However, the suspect has cleared the search history and emptied the cookie cache. Moreover, he has removed any images he might have downloaded. What can the investigator do to prove the violation? Choose the most feasible option.

  1. Approach the websites for evidence
  2. Check the Windows registry for connection data (You may or may not recover)
  3. Seek the help of co-workers who are eye-witnesses
  4. Image the disk and try to recover deleted files

Answer(s): D



This is the original file structure database that Microsoft originally designed for floppy disks. It is written to the outermost track of a disk and contains information about each file stored on the drive.

  1. Disk Operating System (DOS)
  2. Master File Table (MFT)
  3. Master Boot Record (MBR)
  4. File Allocation Table (FAT)

Answer(s): D



Which of the following is NOT a graphics file?

  1. Picture1.tga
  2. Picture3.nfo
  3. Picture4.psd
  4. Picture2.bmp

Answer(s): B



_____________ is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence.

  1. Event reaction
  2. Network forensics
  3. Incident response
  4. Computer forensics

Answer(s): D



Viewing page 26 of 94



Post your Comments and Discuss EC-Council EC0-349 exam prep with other Community members:

EC0-349 Exam Discussions & Posts