← Back to exam page

EC0-479 EC-Council Certified Security Analyst (ECSA)

Loading demo links...

Showing 1–3 of 12 questions

Question 1 (Volume C)

In the context of file deletion process, which of the following statement holds true?

Select all that apply, then click Submit answer.

  • When files are deleted, the data is overwritten and the cluster marked as available

  • The longer a disk is inuse, the less likely it is that deleted files will be overwritten

  • While booting, the machine may create temporary files that can delete evidence

  • Secure delete programs work by completely overwriting the file in one go
Question 2 (Volume B)

You setup SNMP in multiple offices of your company. Your SNMP software manager is not receiving data from other offices like it is for your main office. You suspect that firewall changes are to blame. What ports should you open for SNMP to work through Firewalls (Select 2)

Select all that apply, then click Submit answer.

  • 162

  • 160

  • 161

  • 163
Question 3 (Volume C)

E-mail logs contain which of the following information to help you in your investigation? (Select up to 4)

Select all that apply, then click Submit answer.

  • user account that was used to send the account

  • attachments sent with the e-mail message

  • unique message identifier

  • contents of the e-mail message

  • date and time the message was sent