EC-Council EC0-349 ECCouncil Computer Hacking Forensic Investigator EC0-349 Dumps in PDF

Free EC-Council EC0-349 Real Questions (page: 56)

Why should you note all cable connections for a computer you want to seize as evidence?

  1. to know what cable connections existed
  2. to know what hardware existed
  3. to prepare for shutting down the computer
  4. to document the evidence

Answer(s): A



What happens when a file is deleted by a Microsoft operating system using the FAT file system?

  1. the file is erased but can be recovered
  2. only the reference to the file is removed from the FAT
  3. the file is erased and cannot be recovered
  4. a copy of the file is stored and the original file is erased

Answer(s): B



In conducting a computer abuse investigation you become aware that the suspect of the investigation is using ABC Company as his Internet Service Provider (ISP). You contact the ISP and request that they provide you assistance with your investigation. What assistance can the ISP provide?

  1. the ISP can investigate computer abuse committed by their employees, but must preserve the privacy of their customers and therefore cannot assist you without a warrant
  2. the ISP can investigate anyone using their service and can provide you with assistance
  3. ISPs never maintain log files so they would be of no use to your investigation
  4. the ISP cannot conduct any type of investigations on anyone and therefore cannot assist you

Answer(s): A



What should you do when approached by a reporter about a case that you are working on or have worked on?

  1. refer the reporter to the attorney that retained you
  2. answer only the questions that help your case
  3. say, "no comment"
  4. answer all the reporters questions as completely as possible

Answer(s): A



You should make at least how many bit-stream copies of a suspect drive?

  1. 2
  2. 3
  3. 1
  4. 4

Answer(s): A



Share your comments for EC-Council EC0-349 exam with other users:

A
Abduraimov
4/19/2023 12:43:00 AM

preparing for this exam is overwhelming. you cannot pass without the help of these exam dumps.

P
Puneeth
10/5/2023 2:06:00 AM

new to this site but i feel it is good

A
Ashok Kumar
1/2/2024 6:53:00 AM

the correct answer to q8 is b. explanation since the mule app has a dependency, it is necessary to include project modules and dependencies to make sure the app will run successfully on the runtime on any other machine. source code of the component that the mule app is dependent of does not need to be included in the exported jar file, because the source code is not being used while executing an app. compiled code is being used instead.

M
Merry
7/30/2023 6:57:00 AM

good questions

V
VoiceofMidnight
12/17/2023 4:07:00 PM

Delayed the exam until December 29th.

U
Umar Ali
8/29/2023 2:59:00 PM

A and D are True

V
vel
8/28/2023 9:17:09 AM

good one with explanation

G
Gurdeep
1/18/2024 4:00:15 PM

This is one of the most useful study guides I have ever used.

AI Tutor 👋 I’m here to help!