[Jan 18, 2022] 312-49v10 Test Prep Training Practice Exam Questions Practice Tests
Exam Questions Answers Braindumps 312-49v10 Exam Dumps PDF Questions
NEW QUESTION 55
Which of the following tool is used to locate IP addresses?
- A. XRY LOGICAL
- B. Towelroot
- C. SmartWhois
- D. Deep Log Analyzer
Answer: C
NEW QUESTION 56
Which password cracking technique uses details such as length of password, character sets used to construct the password, etc.?
- A. Rule-based attack
- B. Brute force attack
- C. Man in the middle attack
- D. Dictionary attack
Answer: D
NEW QUESTION 57
What malware analysis operation can the investigator perform using the jv16 tool?
- A. Installation Monitor
- B. Network Traffic Monitoring/Analysis
- C. Files and Folder Monitor
- D. Registry Analysis/Monitoring
Answer: D
NEW QUESTION 58
An executive has leaked the company trade secrets through an external drive. What process should the investigation team take if they could retrieve his system?
- A. Real-Time Analysis
- B. Malware Analysis
- C. Postmortem Analysis
- D. Packet Analysis
Answer: C
NEW QUESTION 59
Which of the following tool can the investigator use to analyze the network to detect Trojan activities?
- A. RAM Computer
- B. TRIPWIRE
- C. Capsa
- D. Regshot
Answer: C
NEW QUESTION 60
In General, __________________ Involves the investigation of data that can be retrieved from the hard disk or other disks of a computer by applying scientific methods to retrieve the data.
- A. Data Recovery
- B. Disaster Recovery
- C. Computer Forensics
- D. Network Forensics
Answer: C
NEW QUESTION 61
How many sectors will a 125 KB file use in a FAT32 file system?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: C
NEW QUESTION 62
Which among the following is an act passed by the U.S. Congress in 2002 to protect investors from the possibility of fraudulent accounting activities by corporations?
- A. SOX
- B. HIPAA
- C. GLBA
- D. FISMA
Answer: A
NEW QUESTION 63
Which part of the Windows Registry contains the user's password file?
- A. HKEY_CURRENT_USER
- B. HKEY_CURRENT_CONFIGURATION
- C. HKEY_USER
- D. HKEY_LOCAL_MACHINE
Answer: D
NEW QUESTION 64
Corporate investigations are typically easier than public investigations because:
- A. the users have standard corporate equipment and software
- B. the investigator does not have to get a warrant
- C. the investigator has to get a warrant
- D. the users can load whatever they want on their machines
Answer: B
NEW QUESTION 65
Why are Linux/Unix based computers better to use than Windows computers for idle scanning?
- A. Windows computers will not respond to idle scans
- B. Windows computers are constantly talking
- C. Linux/Unix computers are constantly talking
- D. Linux/Unix computers are easier to compromise
Answer: B
NEW QUESTION 66
Which of the following tool can reverse machine code to assembly language?
- A. PEiD
- B. RAM Capturer
- C. Deep Log Analyzer
- D. IDA Pro
Answer: D
NEW QUESTION 67
What method of computer forensics will allow you to trace all ever-established user accounts on a Windows 2000 sever the course of its lifetime?
- A. forensic duplication of hard drive
- B. comparison of MD5 checksums
- C. review of SIDs in the Registry
- D. analysis of volatile data
Answer: B
NEW QUESTION 68
Which of the following is a non-zero data that an application allocates on a hard disk cluster in systems running on Windows OS?
- A. Meta Block Group
- B. Slack Space
- C. Master File Table
- D. Sparse File
Answer: C
NEW QUESTION 69
What is the CIDR from the following screenshot?
- A. /24A./24A./24
- B. /8D./8D./8
- C. /16 C./16 C./16
- D. /32 B./32 B./32
Answer: B
NEW QUESTION 70
......
EC-COUNCIL 312-49v10 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
Download Free EC-COUNCIL 312-49v10 Real Exam Questions: https://www.prep4sureguide.com/312-49v10-prep4sure-exam-guide.html
312-49v10 Exam Dumps, 312-49v10 Practice Test Questions: https://drive.google.com/open?id=1gXu8vqZNZVpeFfJ-ktwLwovNcoI3INHX