Prepare Important Exam with 312-49v10 Exam Dumps (2023) [Q88-Q111]


Pass Exam Questions Efficiently With 312-49v10 Questions


EC-COUNCIL 312-49v10 Exam Syllabus Topics:

Topic / Details
Topic 1
  • Defeating Anti-Forensics Techniques
  • Malware Forensics
Topic 2
  • Data Acquisition and Duplication
  • Linux and Mac Forensics
Topic 3
  • Understanding Hard Disks and File Systems
  • Investigating Email Crimes
Topic 4
  • Computer Forensics Investigation Process
  • Dark Web Forensics
  • Mobile Forensics

 

NEW QUESTION 88
Which of the following files contains the traces of the applications installed, run, or uninstalled from a system?

  • A. Shortcut Files
  • B. Image Files
  • C. Prefetch Files
  • D. Virtual files

Answer: A

 

NEW QUESTION 89
An investigator is examining a file to identify any potentially malicious content. To avoid code execution and still be able to uncover hidden indicators of compromise (IOC), which type of examination should the investigator perform?

  • A. Threat hunting
  • B. Static analysis
  • C. Dynamic analysis
  • D. Threat analysis

Answer: D

 

NEW QUESTION 90
You are asked to build a forensic lab and your manager has specifically informed you to use copper for lining the walls, ceilings, and floor. What is the main purpose of lining the walls, ceilings, and floor with copper?

  • A. To strengthen the walls, ceilings, and floor
  • B. To control the room temperature
  • C. To make the lab soundproof
  • D. To avoid electromagnetic emanations

Answer: C

 

NEW QUESTION 91
Debbie has obtained a warrant to search a known pedophile's house. Debbie went to the house and executed the search warrant to seize digital devices that have been recorded as being used for downloading illicit images. She seized all digital devices except a digital camera. Why did she not collect the digital camera?

  • A. Debbie overlooked the digital camera because it is not a computer system
  • B. The digital camera was not listed as one of the digital devices in the warrant
  • C. The digital camera was old, had a cracked screen, and did not have batteries. Therefore, it could not have been used in a crime.
  • D. The vehicle Debbie was using to transport the evidence was already full and could not carry more items

Answer: B

 

NEW QUESTION 92
When investigating a potential e-mail crime, what is your first step in the investigation?

  • A. Determine whether a crime was actually committed
  • B. Recover the evidence
  • C. Trace the IP address to its origin
  • D. Write a report

Answer: C

 

NEW QUESTION 93
How will you categorize a cybercrime that took place within a CSP's cloud environment?

  • A. Cloud as a Tool
  • B. Cloud as an Audit
  • C. Cloud as an Object
  • D. Cloud as a Subject

Answer: C

 

NEW QUESTION 94
Which cloud model allows an investigator to acquire the instance of a virtual machine and initiate the forensics examination process?

  • A. IaaS model
  • B. PaaS model
  • C. SaaS model
  • D. SecaaS model

Answer: A

 

NEW QUESTION 95
A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees don't like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wireshark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?

  • A. tcp.port = 23
  • B. tcp.port == 21
  • C. tcp.port != 21
  • D. tcp.port == 21 || tcp.port == 22

Answer: B

 

NEW QUESTION 96
The process of restarting a computer that is already turned on through the operating system is called?

  • A. Ice boot
  • B. Warm boot
  • C. Cold boot
  • D. Hot Boot

Answer: B

 

NEW QUESTION 97
When you need to search for a website that is no longer present on the Internet today but was online a few years back, what site can be used to view the website's collection of pages?

  • A. Samspade.org
  • B. Archive.org
  • C. Proxify.net
  • D. Dnsstuff.com

Answer: B

 

NEW QUESTION 98
What method would be most efficient for you to acquire digital evidence from this network?

  • A. OS/2
  • B. Linux
  • C. Microsoft Windows
  • D. BSD Unix

Answer: D

 

NEW QUESTION 99
Which of the following components within the Android architecture stack takes care of displaying windows owned by different applications?

  • A. Application Framework
  • B. Resource Manager
  • C. Surface Manager
  • D. Media Framework

Answer: A

 

NEW QUESTION 100
After attending a CEH security seminar, you make a list of changes you would like to perform on your network to increase its security. One of the first things you change is to switch the RestrictAnonymous setting from 0 to 1 on your servers. This, as you were told, would prevent anonymous users from establishing a null session on the server. Using the Userinfo tool mentioned at the seminar, you succeed in establishing a null session with one of the servers. Why is that?

  • A. RestrictAnonymous must be set to "2" for complete security
  • B. RestrictAnonymous must be set to "10" for complete security
  • C. RestrictAnonymous must be set to "3" for complete security
  • D. There is no way to always prevent an anonymous null session from establishing

Answer: A

 

NEW QUESTION 101
UEFI is a specification that defines a software interface between an OS and platform firmware. Where does this interface store information about files present on a disk?

  • A. BIOS-MBR
  • B. Master Boot Record (MBR)
  • C. GUID Partition Table (GPT)
  • D. BIOS Parameter Block

Answer: C

 

NEW QUESTION 102
Jim's company regularly performs backups of their critical servers. But the company can't afford to send backup tapes to an off-site vendor for long term storage and archiving. Instead Jim's company keeps the backup tapes in a safe in the office. Jim's company is audited each year, and the results from this year's audit show a risk because backup tapes aren't stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

  • A. Encrypt the backup tapes and use a courier to transport them.
  • B. Degauss the backup tapes and transport them in a lock box.
  • C. Encrypt the backup tapes and transport them in a lock box
  • D. Hash the backup tapes and transport them in a lock box.

Answer: C

 

NEW QUESTION 103
Which of the following is the most effective tool for acquiring volatile data from a Windows-based system?

  • A. Datagrab
  • B. Helix
  • C. Coreography
  • D. Ethereal

Answer: B

 

NEW QUESTION 104
The Recycle Bin exists as a metaphor for throwing files away, but it also allows a user to retrieve and restore files. Once the file is moved to the recycle bin, a record is added to the log file that exists in the Recycle Bin. Which of the following files contains records that correspond to each deleted file in the Recycle Bin?

  • A. INFO2
  • B. INFO1
  • C. LOGINFO1
  • D. LOGINFO2

Answer: A

 

NEW QUESTION 105
Shane, a forensic specialist, is investigating an ongoing attack on a MySQL database server hosted on a Windows machine with SID "WIN-ABCDE12345F." Which of the following log files will help Shane in tracking all the client connections and activities performed on the database server?

  • A. WIN-ABCDE12345F.log
  • B. WIN-ABCDE12345F-bin.n
  • C. WIN-ABCDE12345F.pid
  • D. WIN-ABCDE12345F.err

Answer: A

 

NEW QUESTION 106
You are conducting an investigation of fraudulent claims in an insurance company that involves complex text searches through large numbers of documents. Which of the following tools would allow you to quickly and efficiently search for a string within a file on the bitmap image of the target computer?

  • A. vim
  • B. grep
  • C. Stringsearch
  • D. dir

Answer: B

 

NEW QUESTION 107
Cloud forensic investigations impose challenges related to multi-jurisdiction and multi-tenancy aspects. To have a better understanding of the roles and responsibilities between the cloud service provider (CSP) and the client, which document should the forensic investigator review?

  • A. Service level management
  • B. National and local regulation
  • C. Key performance indicator
  • D. Service level agreement

Answer: D

 

NEW QUESTION 108
Kimberly is studying to be an IT security analyst at a vocational school in her town. The school offers many different programming as well as networking languages. What networking protocol language should she learn that routers utilize?

  • A. UDP
  • B. BPG
  • C. OSPF
  • D. ATM

Answer: C

 

NEW QUESTION 109
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

  • A. Passive IDS
  • B. Active IDS
  • C. NIPS
  • D. Progressive IDS

Answer: B

 

NEW QUESTION 110
Which of the following registry hives gives the configuration information about which application was used to open various files on the system?

  • A. HKEY_LOCAL_MACHINE
  • B. HKEY_USERS
  • C. HKEY_CURRENT_CONFIG
  • D. HKEY_CLASSES_ROOT

Answer: D

 

NEW QUESTION 111
......
