EC0-349の無料問題集（490題）、EC0-349認定試験参考書

EC-COUNCIL EC0-349 問題集

試験コード：EC0-349

試験名称：Computer Hacking Forensic Investigator

最近更新時間：2025-07-02

問題と解答：全490問

EC0-349 無料でデモをダウンロード：

PDF版 Demo ソフト版 Demo オンライン版 Demo

無料問題集EC0-349 資格取得

質問 1：
When investigating a Windows System, it is important to view the contents of the page or swap file because:
A. This is the file that windows use to store the history of the last 100 commands that were run from the command line
B. A Large volume of data can exist within the swap file of which the computer user has no knowledge
C. Windows stores all of the systems configuration information in this file
D. This is file that windows use to communicate directly with Registry
正解：B

質問 2：
You have completed a forensic investigation case. You would like to destroy the data contained in various disks at the forensics lab due to sensitivity of the case. How would you permanently erase the data on the hard disk?
A. Run the powerful magnets over the hard disk
B. Throw the hard disk into the fire
C. Overwrite the contents of the hard disk with Junk data
D. Format the hard disk multiple times using a low level disk utility
正解：B,D
解説: (Topexam メンバーにのみ表示されます)

質問 3：
Netstat is a tool for collecting Information regarding network connections. It provides a simple view of TCP and UDP connections, and their state and network traffic statistics.
Which of the following commands shows you the TCP and UDP network connections, listening ports, and the identifiers?
A. netstat -b
B. netstat -r
C. netstat -s
D. netstat -ano
正解：D

質問 4：
Which federal computer crime law specifically refers to fraud and related activity in connection with access devices like routers?
A. 18 U.S.C. 1362
B. 18 U.S.C. 1029
C. 18 U.S.C. 2511
D. 18 U.S.C. 2703
正解：B

質問 5：
Computer security logs contain information about the events occurring within an organization's systems and networks. Application and Web server log files are useful in detecting web attacks.
The source, nature, and time of the attack can be determined by _________of the compromised system.
A. Analyzing log files
B. Analyzing rainbow tables
C. Analyzing hard disk boot records
D. Analyzing SAM file
正解：A

質問 6：
Which of the following is NOT a graphics file?
A. Picture3.nfo
B. Picture2.bmp
C. Picture1.tga
D. Picture4.psd
正解：A

質問 7：
Bill is the accounting manager for Grummon and Sons LLC in Chicago. On a regular basis, he needs to send PDF documents containing sensitive information through E-mail to his customers.
Bill protects the PDF documents with a password and sends them to their intended recipients.
Why PDF passwords do not offer maximum protection?
A. When sent through E-mail, PDF passwords are stripped from the document completely
B. PDF passwords are not considered safe by Sarbanes-Oxley
C. PDF passwords are converted to clear text when sent through E-mail
D. PDF passwords can easily be cracked by software brute force tools
正解：D

質問 8：
Data Acquisition is the process of imaging or otherwise obtaining information from a digital device and its peripheral equipment and media
A. False
B. True
正解：B

TopExamは君にEC0-349の問題集を提供して、あなたの試験への復習にヘルプを提供して、君に難しい専門知識を楽に勉強させます。TopExamは君の試験への合格を期待しています。

一年間の無料更新サービスを提供します

君が弊社のEC-COUNCIL EC0-349をご購入になってから、我々の承諾する一年間の更新サービスが無料で得られています。弊社の専門家たちは毎日更新状態を検査していますから、この一年間、更新されたら、弊社は更新されたEC-COUNCIL EC0-349をお客様のメールアドレスにお送りいたします。だから、お客様はいつもタイムリーに更新の通知を受けることができます。我々は購入した一年間でお客様がずっと最新版のEC-COUNCIL EC0-349を持っていることを保証します。

弊社のEC-COUNCIL EC0-349を利用すれば試験に合格できます

弊社のEC-COUNCIL EC0-349は専門家たちが長年の経験を通して最新のシラバスに従って研究し出した勉強資料です。弊社はEC0-349問題集の質問と答えが間違いないのを保証いたします。

この問題集は過去のデータから分析して作成されて、カバー率が高くて、受験者としてのあなたを助けて時間とお金を節約して試験に合格する通過率を高めます。我々の問題集は的中率が高くて、100％の合格率を保証します。我々の高質量のEC-COUNCIL EC0-349を利用すれば、君は一回で試験に合格できます。

安全的な支払方式を利用しています

Credit Cardは今まで全世界の一番安全の支払方式です。少数の手続きの費用かかる必要がありますとはいえ、保障があります。お客様の利益を保障するために、弊社のEC0-349問題集は全部Credit Cardで支払われることができます。

領収書について：社名入りの領収書が必要な場合、メールで社名に記入していただき送信してください。弊社はPDF版の領収書を提供いたします。

弊社は無料EC-COUNCIL EC0-349サンプルを提供します

お客様は問題集を購入する時、問題集の質量を心配するかもしれませんが、我々はこのことを解決するために、お客様に無料EC0-349サンプルを提供いたします。そうすると、お客様は購入する前にサンプルをダウンロードしてやってみることができます。君はこのEC0-349問題集は自分に適するかどうか判断して購入を決めることができます。

EC0-349試験ツール：あなたの訓練に便利をもたらすために、あなたは自分のペースによって複数のパソコンで設置できます。

弊社は失敗したら全額で返金することを承諾します

我々は弊社のEC0-349問題集に自信を持っていますから、試験に失敗したら返金する承諾をします。我々のEC-COUNCIL EC0-349を利用して君は試験に合格できると信じています。もし試験に失敗したら、我々は君の支払ったお金を君に全額で返して、君の試験の失敗する経済損失を減少します。

EC-COUNCIL Computer Hacking Forensic Investigator 認定 EC0-349 試験問題:

1. Julia is a senior security analyst for Berber Consulting group. She is currently working on a contract for a small accounting firm in Florida. They have given her permission to perform social engineering attacks on the company to see if their in-house training did any good. Julia calls the main number for the accounting firm and talks to the receptionist. Julia says that she is an IT technician from the company's main office in Iowa. She states that she needs the receptionist's network username and password to troubleshoot a problem they are having. Julia says that Bill Hammond, the CEO of the company, reQuested this information. After hearing the name of the CEO, the receptionist gave Julia all the information she asked for.
What principal of social engineering did Julia use?

A) Social Validation
B) Friendship/Liking
C) Scarcity
D) Reciprocation

2. When obtaining a warrant it is important to:

A) particularly describe the place to be searched and particularly describe the items to be seized
B) generally describe the place to be searched and particularly describe the items to be seized
C) generally describe the place to be searched and generally describe the items to be seized
D) particularly describe the place to be searched and generally describe the items to be seized

3. After attending a CEH security seminar, you make a list of changes you would like to perform on your network to increase its security. One of the first things you change is to switch the RestrictAnonymous setting from 0 to 1 on your servers. This, as you were told, would prevent anonymous users from establishing a null session on the server. Using Userinfo tool mentioned at the seminar, you succeed in establishing a null session with one of the servers. Why is that?

A) RestrictAnonymous must be set to "3" for complete security
B) RestrictAnonymous must be set to "10" for complete security
C) RestrictAnonymous must be set to "2" for complete security
D) There is no way to always prevent an anonymous null session from establishing

4. An intrusion detection system (IDS) gathers and analyzes information from within a computer or a network to identify any possible violations of security policy, including unauthorized access, as well as misuse.
Which of the following intrusion detection systems audit events that occur on a specific host?

A) Network-based intrusion detection
B) Log file monitoring
C) File integrity checking
D) Host-based intrusion detection

5. What type of attack sends spoofed UDP packets (instead of ping packets) with a fake source address to the IP broadcast address of a large network?

A) Fraggle
B) Teardrop
C) Smurf scan
D) SYN flood

質問と回答：

質問 # 1
正解： D

質問 # 2
正解： A

質問 # 3
正解： C

質問 # 4
正解： D

質問 # 5
正解： A