Exam Details
Exam Code
:EC0-349Exam Name
:Computer Hacking Forensic InvestigatorCertification
:EC-COUNCIL CertificationsVendor
:EC-COUNCILTotal Questions
:304 Q&AsLast Updated
:Apr 13, 2025
EC-COUNCIL EC-COUNCIL Certifications EC0-349 Questions & Answers
-
Question 181:
What is the first step taken in an investigation for laboratory forensic staff members?
A. Packaging the electronic evidence
B. Securing and evaluating the electronic crime scene
C. Conducting preliminary interviews
D. Transporting the electronic evidence
-
Question 182:
What type of analysis helps to identify the time and sequence of events in an investigation?
A. Time-based
B. Functional
C. Relational
D. Temporal
-
Question 183:
Cylie is investigating a network breach at a state organization in Florida. She discovers that the intruders were able to gain access into the company firewalls by overloading them with IP packets. Cylie then
discovers through her investigation that the intruders hacked into the company phone system and used the hard drives on their PBX system to store shared music files. What would this attack on the company PBX system be called?
A. Phreaking
B. Squatting
C. Crunching
D. Pretexting
-
Question 184:
What will the following command accomplish in Linux? fdisk /dev/hda
A. Partition the hard drive
B. Format the hard drive
C. Delete all files under the /dev/hda folder
D. Fill the disk with zeros
-
Question 185:
In the following email header, where did the email first originate from?
A. Somedomain.com
B. Smtp1.somedomain.com
C. Simon1.state.ok.gov.us
D. David1.state.ok.gov.us
-
Question 186:
Which forensic investigating concept trails the whole incident from how the attack began to how the victim was affected?
A. Point-to-point
B. End-to-end
C. Thorough
D. Complete event analysis
-
Question 187:
Sniffers that place NICs in promiscuous mode work at what layer of the OSI model?
A. Network
B. Transport
C. Physical
D. Data Link
-
Question 188:
Where are files temporarily written in Unix when printing?
A. /usr/spool
B. /var/print
C. /spool
D. /var/spool
-
Question 189:
All Blackberry email is eventually sent and received through what proprietary RIM-operated mechanism?
A. Blackberry Message Center
B. Microsoft Exchange
C. Blackberry WAP gateway
D. Blackberry WEP gateway
-
Question 190:
What type of flash memory card comes in either Type I or Type II and consumes only five percent of the power required by small hard drives?
A. SD memory
B. CF memory
C. MMC memory
D. SM memory
Related Exams:
112-51
EC-Council Certified Network Defense Essentials (NDE)212-77
EC-Council Certified Linux Security212-81
EC-Council Certified Encryption Specialist (ECES)212-82
EC-Council Certified Cybersecurity Technician (C|CT)212-89
EC-Council Certified Incident Handler (ECIH)312-38
EC-Council Certified Network Defender (CND)312-39
EC-Council Certified SOC Analyst (CSA)312-40
EC-Council Certified Cloud Security Engineer (CCSE)312-49
ECCouncil Computer Hacking Forensic Investigator (V9)312-49V10
EC-Council Certified Computer Hacking Forensic Investigator (V10)
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your EC0-349 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.