[Mar-2023] 312-49v10 Dumps are Available for Instant Access from PracticeTorrent [Q419-Q438]


Study resources for the Valid 312-49v10 Braindumps!

NEW QUESTION 419
To check for POP3 traffic using Ethereal, what port should an investigator search by?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: B

 

NEW QUESTION 420
A forensic analyst has been tasked with investigating unusual network activity inside a retail company's network. Employees complain of not being able to access services, frequent rebooting, and anomalies in log files. The investigator requested log files from the IT administrator and, after carefully reviewing them, he finds the following log entry:

What type of attack was performed on the company's web application?

  • A. Unvalidated input
  • B. Directory traversal
  • C. Log tampering
  • D. SQL injection

Answer: D

 

NEW QUESTION 421
What is the following command trying to accomplish?

  • A. Verify that UDP port 445 is closed for the 192.168.0.0 network
  • B. Verify that TCP port 445 is open for the 192.168.0.0 network
  • C. Verify that NETBIOS is running for the 192.168.0.0 network
  • D. Verify that UDP port 445 is open for the 192.168.0.0 network

Answer: D

 

NEW QUESTION 422
You are an information security analyst at a large pharmaceutical company. While performing a routine review of audit logs, you have noticed a significant amount of egress traffic to various IP addresses on destination port 22 during off-peak hours. You researched some of the IP addresses and found that many of them are in Eastern Europe. What is the most likely cause of this traffic?

  • A. Malicious software on an internal system is downloading research data from partner SFTP servers in Eastern Europe
  • B. Internal systems are downloading automatic Windows updates
  • C. The organization's primary internal DNS server has been compromised and is performing DNS zone transfers to malicious external entities
  • D. Data is being exfiltrated by an advanced persistent threat (APT)

Answer: D

 

NEW QUESTION 423
Which of the following techniques creates a replica of evidence media?

  • A. Backup
  • B. Data Deduplication
  • C. Bit Stream Imaging
  • D. Data Extraction

Answer: C

 

NEW QUESTION 424
What will the following command produce on a website login page? SELECT email, passwd, login_id, full_name FROM members WHERE email = '[email protected]'; DROP TABLE members; --'

  • A. This command will not produce anything since the syntax is incorrect
  • B. Inserts the email address into the members table
  • C. Deletes the entire members table
  • D. Retrieves the password for the first user in the members table

Answer: C

 

NEW QUESTION 425
Where should the investigator look for the Edge browser's browsing records, including history, cache, and cookies?

  • A. Virtual Memory
  • B. Slack Space
  • C. ESE Database
  • D. Sparse files

Answer: C

 

NEW QUESTION 426
Which type of attack is possible when attackers know some credible information about the victim's password, such as the password length, algorithms involved, or the strings and characters used in its creation?

  • A. Hybrid Password Guessing Attack
  • B. Dictionary Attack
  • C. Brute-Forcing Attack
  • D. Rule-Based Attack

Answer: D

 

NEW QUESTION 427
A cybercriminal is attempting to remove evidence from a Windows computer. He deletes the file evidence1.doc, sending it to the Windows Recycle Bin. The cybercriminal then empties the Recycle Bin. After the file has been removed from the Recycle Bin, what will happen to the data?

  • A. The data will be overwritten with zeroes
  • B. The data will remain in its original clusters until it is overwritten
  • C. The data will become corrupted, making it unrecoverable
  • D. The data will be moved to new clusters in unallocated space

Answer: B

 

NEW QUESTION 428
A computer forensics investigator or forensic analyst is a specially trained professional who works with law enforcement as well as private businesses to retrieve information from computers and other types of data storage devices. For this, the analyst should have an excellent working knowledge of all aspects of the computer. Which of the following is not a duty of the analyst during a criminal investigation?

  • A. To enforce the security of all devices and software in the scene
  • B. To create an investigation report
  • C. To recover data from suspect devices
  • D. To fill the chain of custody

Answer: A

 

NEW QUESTION 429
John is working as a computer forensics investigator for a consulting firm in Canada. He is called to seize a computer at a local web café purportedly used as a botnet server. John thoroughly scans the computer and finds nothing that would lead him to think the computer was a botnet server. John decides to scan the virtual memory of the computer to possibly find something he had missed. What information will the virtual memory scan produce?

  • A. It contains the times and dates of all the system files
  • B. It contains the times and dates of when the system was last patched
  • C. Hidden running processes
  • D. It is not necessary to scan the virtual memory of a computer

Answer: C

 

NEW QUESTION 430
According to RFC 3227, which of the following is considered as the most volatile item on a typical system?

  • A. Registers and cache
  • B. Temporary system files
  • C. Archival media
  • D. Kernel statistics and memory

Answer: A

 

NEW QUESTION 431
Harold wants to set up a firewall on his network but is not sure which one would be the most appropriate. He knows he needs to allow FTP traffic to one of the servers on his network, but he wants to only allow FTP-PUT. Which firewall would be most appropriate for Harold's needs?

  • A. Circuit-level proxy firewall
  • B. Data link layer firewall
  • C. Packet filtering firewall
  • D. Application-level proxy firewall

Answer: D

 

NEW QUESTION 432
On Linux/Unix based Web servers, what privilege should the daemon service be run under?

  • A. Something other than root
  • B. You cannot determine what privilege runs the daemon service
  • C. Guest
  • D. Root

Answer: A

 

NEW QUESTION 433
BMP (Bitmap) is a standard file format for computers running the Windows operating system. BMP images can range from black and white (1 bit per pixel) up to 24 bit color (16.7 million colors). Each bitmap file contains a header, the RGBQUAD array, information header, and image data. Which of the following elements specifies the dimensions, compression type, and color format for the bitmap?

  • A. Header
  • B. The RGBQUAD array
  • C. Image data
  • D. Information header

Answer: D

 

NEW QUESTION 434
When obtaining a warrant, it is important to:

  • A. generally describe the place to be searched and generally describe the items to be seized
  • B. particularly describe the place to be searched and particularly describe the items to be seized
  • C. particularly describe the place to be searched and generally describe the items to be seized
  • D. generally describe the place to be searched and particularly describe the items to be seized

Answer: B

 

NEW QUESTION 435
In a FAT32 system, a 123 KB file will use how many sectors?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: C

 

NEW QUESTION 436
When investigating a Windows system, it is important to view the contents of the page or swap file because:

  • A. This is the file that Windows uses to communicate directly with the Registry
  • B. Windows stores all of the system's configuration information in this file
  • C. This is the file that Windows uses to store the history of the last 100 commands that were run from the command line
  • D. A large volume of data can exist within the swap file of which the computer user has no knowledge

Answer: D

 

NEW QUESTION 437
What is the framework used for application development for iOS-based mobile devices?

  • A. Dalvik
  • B. Zygote
  • C. Cocoa Touch
  • D. AirPlay

Answer: C

 

NEW QUESTION 438
......


EC-COUNCIL 312-49v10 Exam Syllabus Topics:

Topic    Details
Topic 1
  • Database Forensics
  • Network Forensics
  • Windows Forensics
Topic 2
  • Data Acquisition and Duplication
  • Linux and Mac Forensics
Topic 3
  • Defeating Anti-Forensics Techniques
  • Malware Forensics
Topic 4
  • Understanding Hard Disks and File Systems
  • Investigating Email Crimes

 

Updated 312-49v10 Tests Engine pdf - All Free Dumps Guaranteed: https://actual4test.practicetorrent.com/312-49v10-practice-exam-torrent.html