
Online Questions - Valid Practice 312-49v10 Exam Dumps Test Questions
100% Real 312-49v10 dumps - Brilliant 312-49v10 Exam Questions PDF
NEW QUESTION # 311
What advantage does the tool Evidor have over the built-in Windows search?
- A. It can find bad sectors on the hard drive
- B. It can find deleted files even after they have been physically removed
- C. It can find files hidden within ADS
- D. It can search slack space
Answer: D
NEW QUESTION # 312
What malware analysis operation can the investigator perform using the jv16 tool?
- A. Registry Analysis/Monitoring
- B. Network Traffic Monitoring/Analysis
- C. Installation Monitor
- D. Files and Folder Monitor
Answer: A
NEW QUESTION # 313
Steve received a mail that seemed to have come from her bank. The mail has instructions for Steve to click on a link and provide information to avoid the suspension of her account. The link in the mail redirected her to a form asking for details such as name, phone number, date of birth, credit card number or PIN, CW code, SNNs, and email address. On a closer look, Steve realized that the URL of the form in not the same as that of her bank's. Identify the type of external attack performed by the attacker In the above scenario?
- A. Brute-force
- B. Taiigating
- C. Aphishing
- D. Espionage
Answer: C
NEW QUESTION # 314
An investigator has extracted the device descriptor for a 1GB thumb drive that looks like: Disk&Ven_Best_Buy&Prod_Geek_Squad_U3&Rev_6.15. What does the "Geek_Squad" part represent?
- A. Software or OS used
- B. Manufacturer Details
- C. Developer description
- D. Product description
Answer: D
NEW QUESTION # 315
You are conducting an investigation of fraudulent claims in an insurance company that involves complex text searches through large numbers of documents. Which of the following tools would allow you to quickly and efficiently search for a string within a file on the bitmap image of the target computer?
- A. vim
- B. grep
- C. Stringsearch
- D. dir
Answer: B
NEW QUESTION # 316
Which of the following technique creates a replica of an evidence media?
- A. Backup
- B. Data Deduplication
- C. Bit Stream Imaging
- D. Data Extraction
Answer: C
NEW QUESTION # 317
You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities: When you type this and click on search, you receive a pop-up window that says: "This is a test." What is the result of this test?
- A. Your website is vulnerable to CSS
- B. Your website is not vulnerable
- C. Your website is vulnerable to SQL injection
- D. Your website is vulnerable to web bugs
Answer: A
NEW QUESTION # 318
Which of the following statements is true regarding SMTP Server?
- A. SMTP Server breaks the recipient's address into Recipient's name and recipient's address before passing it to the DNS Server
- B. SMTP Server breaks the recipient's address into Recipient's name and his/her initial before passing it to the DNS Server
- C. SMTP Server breaks the recipient's address into Recipient's name and his/her designation before passing it to the DNS Server
- D. SMTP Server breaks the recipient's address into Recipient's name and domain name before passing it to the DNS Server
Answer: D
NEW QUESTION # 319
Which file is a sequence of bytes organized into blocks understandable by the system's linker?
- A. source file
- B. None of these
- C. Object file
- D. executable file
Answer: C
NEW QUESTION # 320
At what layer of the OSI model do routers function on?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: A
NEW QUESTION # 321
In General, __________________ Involves the investigation of data that can be retrieved from the hard disk or other disks of a computer by applying scientific methods to retrieve the data.
- A. Data Recovery
- B. Disaster Recovery
- C. Network Forensics
- D. Computer Forensics
Answer: D
NEW QUESTION # 322
Which of the following acts as a network intrusion detection system as well as network intrusion prevention system?
- A. Nikto
- B. Accunetix
- C. Snort
- D. Kismet
Answer: C
NEW QUESTION # 323
Which of the following is NOT a part of pre-investigation phase?
- A. Gathering evidence data
- B. Gathering information about the incident
- C. Building forensics workstation
- D. Creating an investigation team
Answer: A
NEW QUESTION # 324
What type of equipment would a forensics investigator store in a StrongHold bag?
- A. PDAPDA?
- B. Wireless cards
- C. Hard drives
- D. Backup tapes
Answer: B
NEW QUESTION # 325
Which layer of iOS architecture should a forensics investigator evaluate to analyze services such as Threading, File Access, Preferences, Networking and high-level features?
- A. Media services
- B. Core OS
- C. Core Services
- D. Cocoa Touch
Answer: B
NEW QUESTION # 326
What technique used by Encase makes it virtually impossible to tamper with evidence once it has been acquired?
- A. Every byte of the file(s) is copied to three different hard drives
- B. Every byte of the file(s) is given an MD5 hash to match against a master file
- C. Every byte of the file(s) is encrypted using three different methods
- D. Every byte of the file(s) is verified using 32-bit CRC
Answer: D
NEW QUESTION # 327
James, a hacker, identifies a vulnerability in a website. To exploit the vulnerability, he visits the login page and notes down the session ID that is created. He appends this session ID to the login URL and shares the link with a victim. Once the victim logs into the website using the shared URL, James reloads the webpage (containing the URL with the session ID appended) and now, he can browse the active session of the victim. Which attack did James successfully execute?
- A. Session Fixation Attack
- B. Parameter Tampering
- C. Cross Site Request Forgery
- D. Cookie Tampering
Answer: A
NEW QUESTION # 328
Frank is working on a vulnerability assessment for a company on the West coast. The company hired Frank to assess its network security through scanning, pen tests, and vulnerability assessments. After discovering numerous known vulnerabilities detected by a temporary IDS he set up, he notices a number of items that show up as unknown but Questionable in the logs. He looks up the behavior on the Internet, but cannot find anything related. What organization should Frank submit the log to find out if it is a new vulnerability or not?
- A. IANA
- B. APIPA
- C. CVE
- D. RIPE
Answer: C
NEW QUESTION # 329
An investigator needs to perform data acquisition from a storage media without altering its contents to maintain the Integrity of the content. The approach adopted by the Investigator relies upon the capacity of enabling read-only access to the storage medi a. Which tool should the Investigator Integrate Into his/her procedures to accomplish this task?
- A. Data duplication tool
- B. Backup tool
- C. BitLocker
- D. Write blocker
Answer: A
NEW QUESTION # 330
What is the primary function of the tool CHKDSK in Windows that authenticates the file system reliability of a volume?
- A. Check the disk for connectivity errors
- B. Repairs logical file system errors
- C. Check the disk for hardware errors
- D. Check the disk for Slack Space
Answer: B
NEW QUESTION # 331
Which of the following files gives information about the client sync sessions in Google Drive on Windows?
- A. Sync_log.log
- B. sync.log
- C. sync_log.log
- D. Sync.log
Answer: A
NEW QUESTION # 332
When analyzing logs, it is important that the clocks of all the network devices are synchronized. Which protocol will help in synchronizing these clocks?
- A. UTC
- B. Time Protocol
- C. NTP
- D. PTP
Answer: C
NEW QUESTION # 333
Michael works for Kimball Construction Company as senior security analyst. As part of yearly security audit, Michael scans his network for vulnerabilities. Using Nmap, Michael conducts XMAS scan and most of the ports scanned do not give a response. In what state are these ports?
- A. Closed
- B. Open
- C. Filtered
- D. Stealth
Answer: B
NEW QUESTION # 334
......
312-49v10 Exam PDF [2023] Tests Free Updated Today with Correct 706 Questions: https://www.fast2test.com/312-49v10-premium-file.html
EC-COUNCIL 312-49v10 Exam Preparation Guide and PDF Download: https://drive.google.com/open?id=1qkjocwQZsaeKzBnNUkZ72044SB13N1pk