ECCouncil EC1-349 - ECCouncil Computer Hacking Forensic Investigator Exam

Page:    1 / 62   
Total 306 questions

What must be obtained before an investigation is carried out at a location?

  • A. Search warrant
  • B. Subpoena
  • C. Habeas corpus
  • D. Modus operandi


Answer : A

What happens when a file is deleted by a Microsoft operating system using the FAT file system?

  • A. The file is erased and cannot be recovered
  • B. The file is erased but can be recovered partially
  • C. A copy of the file is stored and the original file is erased
  • D. Only the reference to the file is removed from the FAT and can be recovered


Answer : D

The efforts to obtain information before a trial by demanding documents, depositions, questions and answers written under oath, written requests for admissions of fact, and examination of the scene is a description of what legal term?

  • A. Detection
  • B. Hearsay
  • C. Spoliation
  • D. Discovery


Answer : D

What hashing method is used to password protect Blackberry devices?

  • A. AES
  • B. RC5
  • C. MD5
  • D. SHA-1


Answer : D

Under confession, an accused criminal admitted to encrypting child pornography pictures and then hiding them within other pictures. What technique did the accused criminal employ?

  • A. Typography
  • B. Steganalysis
  • C. Picture encoding
  • D. Steganography


Answer : D

Page:    1 / 62   
Total 306 questions