2022 Realistic 312-49v9 Dumps Latest EC-COUNCIL Practice Tests Dumps [Q93-Q111]


312-49v9 Dumps PDF - 312-49v9 Real Exam Questions Answers

NEW QUESTION 93
To preserve digital evidence, an investigator should ____________________.

  • A. Make a single copy of each evidence item using an approved imaging tool
  • B. Only store the original evidence item
  • C. Make two copies of each evidence item using different imaging tools
  • D. Make two copies of each evidence item using a single imaging tool

Answer: C

 

NEW QUESTION 94
You have been asked to investigate the possibility of computer fraud in the finance department of a company.
It is suspected that a staff member has been committing finance fraud by printing cheques that have not been authorized. You have exhaustively searched all data files on a bitmap image of the target computer, but have found no evidence. You suspect the files may not have been saved. What should you examine next in this case?

  • A. The registry
  • B. The swap file
  • C. The metadata
  • D. The recycle bin

Answer: B

 

NEW QUESTION 95
What layer of the OSI model do TCP and UDP utilize?

  • A. Transport
  • B. Session
  • C. Data Link
  • D. Network

Answer: A

 

NEW QUESTION 96
The Apache server saves diagnostic information and error messages that it encounters while processing requests. The default path of this file is usr/local/apache/logs/error.log in Linux. Identify the Apache error log from the following logs.

  • A. http://victim.com/scripts/..%c0%af./..%c0%af./..%c0%af./..%c0%af./..%c0%af./..%c0%af./..%c0%af./..%c0%af./../winnt/system32/cmd.exe?/c+dir+c:\wintt\system32\Logfiles\W3SVC1
  • B. 127.0.0.1 - frank [10/Oct/2000:13:55:36-0700] "GET /apache_pb.grf HTTP/1.0" 200 2326
  • C. [Wed Oct 11 14:32:52 2000] [error] [client 127.0.0.1] client denied by server configuration: /export/home/live/ap/htdocs/test
  • D. 127.0.0.1 --[10/Apr/2007:10:39:11 +0300] ] [error] "GET /apache_pb.gif HTTP/1.0' 200 2326

Answer: C

 

NEW QUESTION 97
Julie is a college student majoring in Information Systems and Computer Science. She is currently writing an essay for her computer crimes class. Julie's paper focuses on white-collar crimes in America and how forensics investigators investigate the cases. Julie would like to focus the subject of the essay on the most common type of crime found in corporate America. What crime should Julie focus on?

  • A. Physical theft
  • B. Copyright infringement
  • C. Denial of Service attacks
  • D. Industrial espionage

Answer: D

 

NEW QUESTION 98
An investigator has acquired packed software and needs to analyze it for the presence of malice. Which of the following tools can help in finding the packaging software used?

  • A. Comodo Programs Manager
  • B. Dependency Walker
  • C. SysAnalyzer
  • D. PEiD

Answer: D

 

NEW QUESTION 99
In Microsoft file structures, sectors are grouped together to form:

  • A. Partitions
  • B. Bitstreams
  • C. Clusters
  • D. Drives

Answer: C

 

NEW QUESTION 100
An executive had leaked the company trade secrets through an external drive. What process should the investigation team take if they could retrieve his system?

  • A. Malware Analysis
  • B. Real-Time Analysis
  • C. Packet Analysis
  • D. Postmortem Analysis

Answer: D

 

NEW QUESTION 101
What is the investigator trying to view by issuing the command displayed in the following screenshot?

  • A. List of services stopped
  • B. List of services installed
  • C. List of services closed recently
  • D. List of services recently started

Answer: B

 

NEW QUESTION 102
Which command can provide the investigators with details of all the loaded modules on a Linux-based system?

  • A. list modules -a
  • B. plist mod -a
  • C. lsmod
  • D. lsof -m

Answer: C

 

NEW QUESTION 103
You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company's clients. You have rummaged through their trash and found very little information. You do not want to set off any alarms on their network, so you plan on performing passive footprinting against their Web servers. What tool should you use?

  • A. Nmap
  • B. Ping sweep
  • C. Netcraft
  • D. Dig

Answer: C

 

NEW QUESTION 104
Richard is extracting volatile data from a system and uses the command doskey /history. What is he trying to extract?

  • A. History of the browser
  • B. Previously typed commands
  • C. Events history
  • D. Passwords used across the system

Answer: B

 

NEW QUESTION 105
What do you call the process of studying the changes that have taken place across a system or a machine after a series of actions or incidents?

  • A. Start-up Programs Monitoring
  • B. System Baselining
  • C. Windows Services Monitoring
  • D. Host integrity Monitoring

Answer: D

 

NEW QUESTION 106
To calculate the number of bytes on a disk, the formula is: CHS

  • A. number of cells x number of heads x number of sides x 512 bytes per sector
  • B. number of circles x number of halves x number of sides x 512 bytes per sector
  • C. number of cylinders x number of heads x number of sides x 512 bytes per sector
  • D. number of cylinders x number of halves x number of shims x 512 bytes per sector

Answer: C

Explanation:
Although D in this question is probably the closest, the answer may have been transcribed incorrectly. CHS stands for Cylinder Head Sector, and S is not sides. Each side of a platter of a disk has its own head.
A cylinder is an alignment of all tracks under one head position. So the answer is number of cylinders x number of heads x number of sectors (per track) x 512 bytes per sector (assuming that is the sector size as some disks may have larger sector sizes). The number of tracks per side of disk, or the number of tracks that a single head can access is equal to the number of cylinders.

 

NEW QUESTION 107
SIM is a removable component that contains essential information about the subscriber. It has both volatile and non-volatile memory. The file system of a SIM resides in _____________ memory.

  • A. Non-volatile
  • B. Volatile

Answer: A

 

NEW QUESTION 108
What does 254 represent in ICCID 89254021520014515744?

  • A. Country Code
  • B. Issuer Identifier Number
  • C. Industry Identifier Prefix
  • D. Individual Account Identification Number

Answer: A

 

NEW QUESTION 109
The Linux operating system has two typical bootloaders, namely LILO (Linux Loader) and GRUB (Grand Unified Bootloader). In which stage of the booting process do the bootloaders become active?

  • A. Bootloader Stage
  • B. BIOS Stage
  • C. BootROM Stage
  • D. Kernel Stage

Answer: D

 

NEW QUESTION 110
Wireless network discovery tools use two different methodologies to detect, monitor and log a WLAN device (i.e. active scanning and passive scanning). Active scanning methodology involves ____________ and waiting for responses from available wireless networks.

  • A. Broadcasting a probe request frame
  • B. Inspecting WLAN and surrounding networks
  • C. Scanning the network
  • D. Sniffing the packets from the airwave

Answer: A

 

NEW QUESTION 111
......
