• Home
  • Articles
  • [2021] Valid 312-49v10 test answers & EC-COUNCIL 312-49v10 exam pdf [Q343-Q368]

[2021] Valid 312-49v10 test answers & EC-COUNCIL 312-49v10 exam pdf [Q343-Q368]

Share

[2021] Valid 312-49v10 test answers & EC-COUNCIL 312-49v10 exam pdf

Verified 312-49v10 dumps Q&As - Pass Guarantee or Full Refund


EC-COUNCIL 312-49v10 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Data Acquisition and Duplication
  • Linux and Mac Forensics
Topic 2
  • Defeating Anti-Forensics Techniques
  • Malware Forensics
Topic 3
  • Computer Forensics Investigation Process
  • Dark Web Forensics
  • Mobile Forensics
Topic 4
  • Database Forensics
  • Network Forensics
  • Windows Forensics
Topic 5
  • Understanding Hard Disks and File Systems
  • Investigating Email Crimes
Topic 6
  • Computer Forensics in Today’s World
  • Investigating Web Attacks

 

NEW QUESTION 343
An investigator has acquired packed software and needed to analyze it for the presence of malice. Which of the following tools can help in finding the packaging software used?

  • A. SysAnalyzer
  • B. PEiD
  • C. Dependency Walker
  • D. Comodo Programs Manager

Answer: B

 

NEW QUESTION 344
Why is it a good idea to perform a penetration test from the inside?

  • A. Because 70% of attacks are from inside the organization
  • B. To attack a network from a hacker's perspective
  • C. It is never a good idea to perform a penetration test from the inside
  • D. It is easier to hack from the inside

Answer: A

 

NEW QUESTION 345
George is a senior security analyst working for a state agency in Florid a. His state's congress just passed a bill mandating every state agency to undergo a security audit annually. After learning what will be required, George needs to implement an IDS as soon as possible before the first audit occurs. The state bill requires that an IDS with a "time-based induction machine" be used.
What IDS feature must George implement to meet this requirement?

  • A. Real-time anomaly detection
  • B. Statistical-based anomaly detection
  • C. Signature-based anomaly detection
  • D. Pattern matching

Answer: A

 

NEW QUESTION 346
What is the purpose of using Obfuscator in malware?

  • A. Avoid encryption while passing through a VPN
  • B. Avoid detection by security mechanisms
  • C. Propagate malware to other connected devices
  • D. Execute malicious code in the system

Answer: B

 

NEW QUESTION 347
Charles has accidentally deleted an important file while working on his Mac computer. He wants to recover the deleted file as it contains some of his crucial business secrets. Which of the following tool will help Charles?

  • A. Colasoft's Capsa
  • B. FileSalvage
  • C. DriveSpy
  • D. Xplico

Answer: B

 

NEW QUESTION 348
Which of the following stages in a Linux boot process involve initialization of the system's hardware?

  • A. Bootloader Stage
  • B. BootROM Stage
  • C. BIOS Stage
  • D. Kernel Stage

Answer: C

 

NEW QUESTION 349
On Linux/Unix based Web servers, what privilege should the daemon service be run under?

  • A. Something other than root
  • B. Guest
  • C. Root
  • D. You cannot determine what privilege runs the daemon service

Answer: A

 

NEW QUESTION 350
Which of the following is a federal law enacted in the US to control the ways that financial institutions deal with the private information of individuals?

  • A. GLBA
  • B. PCI DSS
  • C. SOX
  • D. HIPAA 1996

Answer: A

 

NEW QUESTION 351
What type of analysis helps to identify the time and sequence of events in an investigation?

  • A. Time-based
  • B. Temporal
  • C. Relational
  • D. Functional

Answer: B

 

NEW QUESTION 352
Sectors are pie-shaped regions on a hard disk that store dat
a. Which of the following parts of a hard disk do not contribute in determining the addresses of data?

  • A. Sectors
  • B. Heads
  • C. Interface
  • D. Cylinder

Answer: C

 

NEW QUESTION 353
Which among the following web application threats is resulted when developers expose various internal implementation objects, such as files, directories, database records, or key-through references?

  • A. Cross Site Scripting
  • B. Cross Site Request Forgery
  • C. Insecure Direct Object References
  • D. Remote File Inclusion

Answer: C

 

NEW QUESTION 354
In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?

  • A. In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name
  • B. Both pharming and phishing attacks are identical
  • C. In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name
  • D. Both pharming and phishing attacks are purely technical and are not considered forms of social engineering

Answer: A

 

NEW QUESTION 355
At what layer of the OSI model do routers function on?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: B

 

NEW QUESTION 356
While collecting Active Transaction Logs using SQL Server Management Studio, the query Select * from ::fn_dblog(NULL, NULL) displays the active portion of the transaction log file. Here, assigning NULL values implies?

  • A. Start and end points for log files are not specified
  • B. Start and end points for log sequence numbers are not specified
  • C. Start and end points for log sequence numbers are specified
  • D. Start and end points for log files are specified

Answer: A

 

NEW QUESTION 357
What is the name of the first reserved sector in File allocation table?

  • A. Master Boot Record
  • B. Partition Boot Sector
  • C. Volume Boot Record
  • D. BIOS Parameter Block

Answer: A

 

NEW QUESTION 358
An employee is attempting to wipe out data stored on a couple of compact discs (CDs) and digital video discs (DVDs) by using a large magnet. You inform him that this method will not be effective in wiping out the data because CDs and DVDs are ______________ media used to store large amounts of data and are not affected by the magnet.

  • A. optical
  • B. anti-magnetic
  • C. magnetic
  • D. logical

Answer: A

 

NEW QUESTION 359
Which of the following attacks allows an attacker to access restricted directories, including application source code, configuration and critical system files, and to execute commands outside of the web server's root directory?

  • A. Unvalidated input
  • B. Security misconfiguration
  • C. Parameter/form tampering
  • D. Directory traversal

Answer: D

 

NEW QUESTION 360
Diskcopy is:

  • A. dd copying tool
  • B. Digital Intelligence utility
  • C. a utility by AccessData
  • D. a standard MS-DOS command

Answer: D

Explanation:
diskcopy is a STANDARD DOS utility. C:\WINDOWS>diskcopy /? Copies the contents of one floppy disk to another.

 

NEW QUESTION 361
Which of the following is an iOS Jailbreaking tool?

  • A. One Click Root
  • B. Towelroot
  • C. Redsn0w
  • D. Kingo Android ROOT

Answer: C

 

NEW QUESTION 362
In Linux, what is the smallest possible shellcode?

  • A. 24 bytes
  • B. 8 bytes
  • C. 80 bytes
  • D. 800 bytes

Answer: A

 

NEW QUESTION 363
How many characters long is the fixed-length MD5 algorithm checksum of a critical system file?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: A

 

NEW QUESTION 364
An investigator has extracted the device descriptor for a 1GB thumb drive that looks like: Disk&Ven_Best_Buy&Prod_Geek_Squad_U3&Rev_6.15. What does the "Geek_Squad" part represent?

  • A. Developer description
  • B. Product description
  • C. Software or OS used
  • D. Manufacturer Details

Answer: B

 

NEW QUESTION 365
What should you do when approached by a reporter about a case that you are working on or have worked on?

  • A. Refer the reporter to the attorney that retained you
  • B. Answer only the questions that help your case
  • C. Say, "no comment"
  • D. Answer all the reporter's questions as completely as possible

Answer: A

 

NEW QUESTION 366
Bill is the accounting manager for Grummon and Sons LLC in Chicago. On a regular basis, he needs to send PDF documents containing sensitive information through E-mail to his customers.
Bill protects the PDF documents with a password and sends them to their intended recipients.
Why PDF passwords do not offer maximum protection?

  • A. PDF passwords are not considered safe by Sarbanes-Oxley
  • B. PDF passwords can easily be cracked by software brute force tools
  • C. PDF passwords are converted to clear text when sent through E-mail
  • D. When sent through E-mail, PDF passwords are stripped from the document completely

Answer: B

 

NEW QUESTION 367
If you discover a criminal act while investigating a corporate policy abuse, it becomes a publicsector investigation and should be referred to law enforcement?

  • A. true
  • B. false

Answer: A

 

NEW QUESTION 368
......

312-49v10 Exam Questions – Valid 312-49v10 Dumps Pdf: https://www.passexamdumps.com/312-49v10-valid-exam-dumps.html

312-49v10 PDF Dumps Recently Updated Questions: https://drive.google.com/open?id=1gfrlV36FOof5dnJ1ZQzzCko-HEwsjCV7

Related Articles

more
EC-COUNCIL 312-49v10 Certification Practice Exam