Harold is finishing up a report on a case of network intrusion, corporate spying, and embezzlement that he
has been working on for over six months. He is trying to find the right term to use in his report to describe
network-enabled spying.
What term should Harold use?
A. Spycrack
B. Spynet
C. Netspionage
D. Hackspionage
What is considered a grant of a property right given to an individual who discovers or invents a new machine, process, useful composition of matter or manufacture?
A. Copyright
B. Design patent
C. Trademark
D. Utility patent
Where is the startup configuration located on a router?
A. Static RAM
B. BootROM
C. NVRAM
D. Dynamic RAM
While searching through a computer under investigation, you discover numerous files that appear to have had the first letter of the file name replaced by the hex code byte 5h. What does this indicate on the computer?
A. The files have been marked as hidden
B. The files have been marked for deletion
C. The files are corrupt and cannot be recovered
D. The files have been marked as read-only
While presenting his case to the court, Simon calls many witnesses to the stand to testify. Simon decides to call Hillary Taft, a lay witness, to the stand. Since Hillary is a lay witness, what field would she be considered an expert in?
A. Technical material related to forensics
B. No particular field
C. Judging the character of defendants/victims
D. Legal issues
When operating systems mark a cluster as used but not allocated, the cluster is considered as _________
A. Corrupt
B. Bad
C. Lost
D. Unallocated
In handling computer-related incidents, which IT role should be responsible for recovery, containment, and prevention to constituents?
A. Security Administrator
B. Network Administrator
C. Director of Information Technology
D. Director of Administration
What will the following Linux command accomplish? dd if=/dev/mem of=/home/sam/mem.bin bs=1024
A. Copy the master boot record to a file
B. Copy the contents of the system folder to a file
C. Copy the running memory to a file
D. Copy the memory dump file to an image file
Before performing a logical or physical search of a drive in Encase, what must be added to the program?
A. File signatures
B. Keywords
C. Hash sets
D. Bookmarks
When a router receives an update for its routing table, what is the metric value change to that path?
A. Increased by 2
B. Decreased by 1
C. Increased by 1
D. Decreased by 2
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-349 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.