Updated EC0-349 exam question Guide

We promise you full success along with our EC-Council EC-Council practice braindumps. In any other case, you can get 100% refund. You must email us your failed transcript and relevant data; then you will get the money of purchasing charges back while soon while possible. Will not worry about your own personal details, many of us keep them strictly confidential. However, if you require extra information, it is possible to contact us via email or live chat. Our assist staff is knowledgeable and educated, who may able to answer your entire questions satisfactorily.

2021 Feb EC0-349 free practice exam

Q11. You are assisting in the investigation of a possible Web Server hack. The company who called you stated that customers reported to them that whenever they entered the web address of the 

company in their browser, what they received was a pornographic web site. The company checked the web server and nothing appears wrong. When you type in the IP address of the web site in your browser everything appears normal. What is the name of the attack that affects the DNS cache of the name resolution servers, resulting in those servers directing users to the wrong web site? 

A. ARP Poisoning 

B. IP Spoofing 

C. HTTP redirect attack 

D. DNS Poisoning 


Q12. In general, involves the investigation of data that can be retrieved from the hard disk or other disks of a computer by applying scientific methods to retrieve the data. 

A. disaster recovery 

B. network forensics 

C. data recovery 

D. computer forensics 


Q13. When reviewing web logs, you see an entry for resource not found in the HTTP status code field. What is the actual error code that you would see in the log for resource not found? 

A. 606 

B. 202 

C. 404 

D. 909 


Q14. When setting up a wireless network with multiple access points, why is it important to set each access point on a different channel? 

A. Multiple access points can be set up on the same channel without any issues 

B. Avoid over-saturation of wireless signals 

C. So that the access points will work on differentfreQuencies 

D. Avoid cross talk 


Q15. What term is used to describe a cryptographic technique for embedding information into something else for the sole purpose of hiding that information from the casual observer? 

A. offset 

B. rootkit 

C. steganography 

D. key escrow 


Most recent EC0-349 free practice test:

Q16. Profiling is a forensics technique for analyzing evidence with the goal of identifying the perpetrator from their pervious activity. After a computer has been compromised by a hacker, which of the following would be most important in forming a profile of the incident? 

A. The vulnerability exploited in the incident 

B. The manufacture of the system compromised 

C. The nature of the attack 

D. The logic, formatting and elegance of the code used in the attack 


Q17. When reviewing web logs, you see an entry for resource not found in the HTTP status code field. What is the actual error code that you would see in the log for resource not found? 

A. 909 

B. 606 

C. 202 

D. 404 


Q18. You should make at least how many bit-stream copies of a suspect drive? 

A. 3 

B. 4 

C. 2 

D. 1 


Q19. While working for a prosecutor, what do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense? 

A. destroy the evidence 

B. bring the information to the attention of the prosecutor, his or her supervisor or finally to the judge (court) 

C. present the evidence to the defense attorney 

D. keep the information on file for later review 


Q20. Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance agreement he signed with the client, Harold is performing research online and seeing how much exposure the site has received so far. Harold navigates to google.com and types in the following search. link:www.ghttech.net What will this search produce? 

A. All sites that ghttech.net links to 

B. All sites that link to ghttech.net 

C. All search engines that link to .net domains 

D. Sites that contain the code: link:www.ghttech.net 


see more EC0-349 dumps