Passcerty.com » EC-COUNCIL » CHFI » EC1-349

EC1-349 Exam Questions & Answers

Exam Code: EC1-349

Exam Name: Computer Hacking Forensic Investigator Exam

Updated: Mar 23, 2024

Q&As: 486

At Passcerty.com, we pride ourselves on the comprehensive nature of our EC1-349 exam dumps, designed meticulously to encompass all key topics and nuances you might encounter during the real examination. Regular updates are a cornerstone of our service, ensuring that our dedicated users always have their hands on the most recent and relevant Q&A dumps. Behind every meticulously curated question and answer lies the hard work of our seasoned team of experts, who bring years of experience and knowledge into crafting these premium materials. And while we are invested in offering top-notch content, we also believe in empowering our community. As a token of our commitment to your success, we're delighted to offer a substantial portion of our resources for free practice. We invite you to make the most of the following content, and wish you every success in your endeavors.


Download Free EC-COUNCIL EC1-349 Demo

Experience Passcerty.com exam material in PDF version.
Simply submit your e-mail address below to get started with our PDF real exam demo of your EC-COUNCIL EC1-349 exam.

Instant download
Latest update demo according to real exam

*Email Address

* Our demo shows only a few questions from your selected exam for evaluating purposes

Free EC-COUNCIL EC1-349 Dumps

Practice These Free Questions and Answers to Pass the CHFI Exam

Questions 1

In the context of file deletion process, which of the following statement holds true?

A. When files are deleted, the data is overwritten and the cluster marked as available

B. The longer a disk is in use, the less likely it is that deleted files will be overwritten

C. While booting, the machine may create temporary files that can delete evidence

D. Secure delete programs work by completely overwriting the file in one go

Show Answer
Questions 2

Paul is a computer forensics investigator working for Tyler and Company Consultants. Paul has been called upon to help investigate a computer hacking ring broken up by the local police. Paul begins to inventory the PCs found in the hackers?hideout. Paul then comes across a PDA left by them that is attached to a number of different peripheral devices. What is the first step that Paul must take with the PDA to ensure the integrity of the investigation?

A. Place PDA, including all devices, in an antistatic bag

B. Unplug all connected devices

C. Power off all devices if currently on

D. Photograph and document the peripheral devices

Show Answer
Questions 3

Click on the Exhibit Button Paulette works for an IT security consulting company that is currently performing an audit for the firm ACE Unlimited. Paulette's duties include logging on to all the company's network equipment to ensure IOS versions are up-to-date and all the other security settings are as stringent as possible. Paulette presents the following screenshot to her boss so he can inform the client about necessary changes need to be made. From the screenshot, what changes should the client company make?

A. The banner should include the Cisco tech support contact information as well

B. The banner should have more detail on the version numbers for the networkeQuipment

C. The banner should not state "only authorized IT personnel may proceed"

D. Remove any identifying numbers, names, or version information

Show Answer
Questions 4

What is the "Best Evidence Rule"?

A. It states that the court only allows the original evidence of a document, photograph, or recording at the trial rather than a copy

B. It contains system time, logged-on user(s), open files, network information, process information, process-to-port mapping, process memory, clipboard contents, service/driver information, and command history

C. It contains hidden files, slack space, swap file, index.dat files, unallocated clusters, unused partitions, hidden partitions, registry settings, and event logs

D. It contains information such as open network connection, user logout, programs that reside in memory, and cache data

Show Answer
Questions 5

Billy, a computer forensics expert, has recovered a large number of DBX files during forensic investigation of a laptop. Which of the following email clients he can use to analyze the DBX files?

A. Microsoft Outlook

B. Microsoft Outlook Express

C. Mozilla Thunderoird

D. Eudora

Show Answer

Viewing Page 1 of 3 pages. Download PDF or Software version with 486 questions