The Secret Of EC-Council 312-49v10 Prep

NEW QUESTION 1

John and Hillary works at the same department in the company. John wants to find out Hillary's network password so he can take a look at her documents on the file server. He enables Lophtcrack program to sniffing mode. John sends Hillary an email with a link to Error! Reference source not found. What information will he
be able to gather from this?

• A. Hillary network username and password hash
• B. The SID of Hillary network account
• C. The SAM file from Hillary computer
• D. The network shares that Hillary has permissions

Answer: A

NEW QUESTION 2

Which of the following statements is incorrect when preserving digital evidence?

• A. Verify if the monitor is in on, off, or in sleep mode
• B. Turn on the computer and extract Windows event viewer log files
• C. Remove the plug from the power router or modem
• D. Document the actions and changes that you observe in the monitor, computer, printer, or in other peripherals

Answer: B

NEW QUESTION 3

Printing under a Windows Computer normally requires which one of the following files types to be created?

• A. EME
• B. MEM
• C. EMF
• D. CME

Answer: C

NEW QUESTION 4

What must an attorney do first before you are called to testify as an expert?

• A. Qualify you as an expert witness
• B. Read your curriculum vitae to the jury
• C. Engage in damage control
• D. Prove that the tools you used to conduct your examination are perfect

Answer: A

NEW QUESTION 5

What technique is used by JPEGs for compression?

• A. ZIP
• B. TCD
• C. DCT
• D. TIFF-8

Answer: C

NEW QUESTION 6

Which among the following web application threats is resulted when developers expose various internal implementation objects, such as files, directories, database records, or key-through references?

• A. Remote File Inclusion
• B. Cross Site Scripting
• C. Insecure Direct Object References
• D. Cross Site Request Forgery

Answer: C

NEW QUESTION 7

Which of the following commands shows you the username and IP address used to access the system via a remote login session and the type of client from which they are accessing the system?

• A. Net config
• B. Net sessions
• C. Net share
• D. Net stat

Answer: B

NEW QUESTION 8

Madison is on trial for allegedly breaking into her university’s internal network. The police raided her dorm room and seized all of her computer equipment. Madison’s lawyer is trying to convince the judge that the seizure was unfounded and baseless. Under which US Amendment is Madison’s lawyer trying to prove the police violated?

• A. The 4th Amendment
• B. The 1st Amendment
• C. The 10th Amendment
• D. The 5th Amendment

Answer: A

NEW QUESTION 9

You are assisting in the investigation of a possible Web Server Hack. The company who called you stated that customers reported to them that whenever they entered the web address of the company in their browser, what they received was a porno graphic web site. The company checked the web server and nothing appears wrong. When you type in the IP address of the web site in your browser everything appears normal. What is the name of the attack that affects the DNS cache of the name resolution servers, resulting in those servers directing users to the wrong web site?

• A. ARP Poisoning
• B. DNS Poisoning
• C. HTTP redirect attack
• D. IP Spoofing

Answer: B

NEW QUESTION 10

An investigator enters the command sqlcmd -S WIN-CQQMK62867E -e -s"," -E as part of collecting the primary data file and logs from a database. What does the "WIN-CQQMK62867E” represent?

• A. Name of the Database
• B. Name of SQL Server
• C. Operating system of the system
• D. Network credentials of the database

Answer: B

NEW QUESTION 11

Which of the following refers to the data that might still exist in a cluster even though the original file has been overwritten by another file?

• A. Sector
• B. Metadata
• C. MFT
• D. Slack Space

Answer: D

NEW QUESTION 12

Frank is working on a vulnerability assessment for a company on the West coast. The company hired Frank to assess its network security through scanning, pen tests, and vulnerability assessments. After discovering numerous known vulnerabilities detected by a temporary IDS he set up, he notices a number of items that show up as unknown but Questionable in the logs. He looks up the behavior on the Internet, but cannot find anything related. What organization should Frank submit the log to find out if it is a new vulnerability or not?

• A. APIPA
• B. IANA
• C. CVE
• D. RIPE

Answer: C

NEW QUESTION 13

What type of equipment would a forensics investigator store in a StrongHold bag?

• A. PDAPDA?
• B. Backup tapes
• C. Hard drives
• D. Wireless cards

Answer: D

NEW QUESTION 14

If a PDA is seized in an investigation while the device is turned on, what would be the proper procedure?

• A. Keep the device powered on
• B. Turn off the device immediately
• C. Remove the battery immediately
• D. Remove any memory cards immediately

Answer: A

NEW QUESTION 15

What does ICMP Type 3/Code 13 mean?

• A. Host Unreachable
• B. Administratively Blocked
• C. Port Unreachable
• D. Protocol Unreachable

Answer: B

NEW QUESTION 16

Which of these Windows utility help you to repair logical file system errors?

• A. Resource Monitor
• B. Disk cleanup
• C. Disk defragmenter
• D. CHKDSK

Answer: D

NEW QUESTION 17
......