EC-COUNCIL Computer Hacking Forensic Investigator - EC0-349 模擬練習
Data Acquisition is the process of imaging or otherwise obtaining information from a digital device and its peripheral equipment and media
正解: A
When should an MD5 hash check be performed when processing evidence?
正解: D
The police believe that Mevin Matthew has been obtaining unauthorized access to computers belonging to numerous computer software and computer operating systems manufacturers, cellular telephone manufacturers, Internet Service Providers, and educational institutions. They also suspect that he has been stealing, copying, and misappropriating proprietary computer software belonging to the several victim companies. What is preventing the police from breaking down the suspect door and searching his home and seizing all of his computer equipment if they haveis preventing the police from breaking down the suspect? door and searching his home and seizing all of his computer equipment if they have not yet obtained a warrant?
正解: D
What is cold boot (hard boot)?
正解: B
John and Hillary works at the same department in the company. John wants to find out Hillary's network password so he can take a look at her documents on the file server. He enables Lophtcrack program to sniffing mode. John sends Hillary an email with a link to Error! Reference source not found. What information will he be able to gather from this?
正解: A
解説: (PassTest メンバーにのみ表示されます)
When using Windows acquisitions tools to acquire digital evidence, it is important to use a well- tested hardware write-blocking device to _________
正解: C
You are working for a large clothing manufacturer as a computer forensics investigator and are called in to investigate an unusual case of an employee possibly stealing clothing designs from the company and selling them under a different brand name for a different company. What you discover during the course of the investigation is that the clothing designs are actually original products of the employee and the company has no policy against an employee selling his own designs on his own time. The only thing that you can find that the employee is doing wrong is that his clothing design incorporates the same graphic symbol as that of the company with only the wording in the graphic being different.
What area of the law is the employee violating?
What area of the law is the employee violating?
正解: C
How often must a company keep log files for them to be admissible in a court of law?
正解: A
During the seizure of digital evidence, the suspect can be allowed touch the computer system.
正解: B
Which of the following commands shows you the username and IP address used to access the system via a remote login session and the Type of client from which they are accessing the system?
正解: A
First response to an incident may involve three different groups of people, and each will have differing skills and need to carry out differing tasks based on the incident. Who is responsible for collecting, preserving, and packaging electronic evidence?
正解: B
Microsoft Outlook maintains email messages in a proprietary format in what type of file?
正解: C
What is the CIDR from the following screenshot?
正解: C
Why is it a good idea to perform a penetration test from the inside?
正解: C