What Guaranteed 312-49v10 Samples Is

NEW QUESTION 1

Consider a scenario where the perpetrator of a dark web crime has unlnstalled Tor browser from their computer after committing the crime. The computer has been seized by law enforcement so they can Investigate It for artifacts of Tor browser usage. Which of the following should the Investigators examine to establish the use of Tor browser on the suspect machine?

• A. Swap files
• B. Files in Recycle Bin
• C. Security logs
• D. Prefetch files

Answer: A

NEW QUESTION 2

To reach a bank web site, the traffic from workstations must pass through a firewall. You have been asked to review the firewall configuration to ensure that workstations in network 10.10.10.0/24 can only reach the bank web site 10.20.20.1 using https. Which of the following firewall rules meets this requirement?

• A. if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit
• B. if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 80 or 443) then permit
• C. if (source matches 10.10.10.0 and destination matches 10.20.20.1 and port matches 443) then permit

Answer: A

NEW QUESTION 3

What term is used to describe a cryptographic technique for embedding information into something else for the sole purpose of hiding that information from the casual observer?

• A. rootkit
• B. key escrow
• C. steganography
• D. Offset

Answer: C

NEW QUESTION 4

What operating system would respond to the following command?

• A. Windows 95
• B. FreeBSD
• C. Windows XP
• D. Mac OS X

Answer: B

NEW QUESTION 5

Centralized binary logging is a process in which many websites write binary and unformatted log data to a single log file. What extension should the investigator look to find its log file?

• A. .cbl
• B. .log
• C. .ibl
• D. .txt

Answer: C

NEW QUESTION 6

If you are concerned about a high level of compression but not concerned about any possible data loss, what type of compression would you use?

• A. Lossful compression
• B. Lossy compression
• C. Lossless compression
• D. Time-loss compression

Answer: B

NEW QUESTION 7

An EC2 instance storing critical data of a company got infected with malware. The forensics team took the EBS volume snapshot of the affected Instance to perform further analysis and collected other data of evidentiary value. What should be their next step?

• A. They should pause the running instance
• B. They should keep the instance running as it stores critical data
• C. They should terminate all instances connected via the same VPC
• D. They should terminate the instance after taking necessary backup

Answer: D

NEW QUESTION 8

Office Documents (Word, Excel and PowerPoint) contain a code that allows tracking the MAC or unique identifier of the machine that created the document. What is that code called?

• A. Globally unique ID
• B. Microsoft Virtual Machine Identifier
• C. Personal Application Protocol
• D. Individual ASCII string

Answer: A

NEW QUESTION 9

Data density of a disk drive is calculated by using

• A. Slack space, bit density, and slack density.
• B. Track space, bit area, and slack space.
• C. Track density, areal density, and slack density.
• D. Track density, areal density, and bit density.

Answer: D

NEW QUESTION 10

A packet is sent to a router that does not have the packet destination address in its route table. How will the packet get to its proper destination?

• A. Root Internet servers
• B. Border Gateway Protocol
• C. Gateway of last resort
• D. Reverse DNS

Answer: C

NEW QUESTION 11

In which cloud crime do attackers try to compromise the security of the cloud environment in order to steal data or inject a malware?

• A. Cloud as an Object
• B. Cloud as a Tool
• C. Cloud as an Application
• D. Cloud as a Subject

Answer: D

NEW QUESTION 12

How many bits is Source Port Number in TCP Header packet?

• A. 16
• B. 32
• C. 48
• D. 64

Answer: A

NEW QUESTION 13

What happens lo the header of the file once It Is deleted from the Windows OS file systems?

• A. The OS replaces the first letter of a deleted file name with a hex byte code: E5h
• B. The OS replaces the entire hex byte coding of the file.
• C. The hex byte coding of the file remains the same, but the file location differs
• D. The OS replaces the second letter of a deleted file name with a hex byte code: Eh5

Answer: A

NEW QUESTION 14

You are asked to build a forensic lab and your manager has specifically informed you to use copper for lining the walls, ceilings, and floor. What is the main purpose of lining the walls, ceilings, and floor with copper?

• A. To control the room temperature
• B. To strengthen the walls, ceilings, and floor
• C. To avoid electromagnetic emanations
• D. To make the lab sound proof

Answer: D

NEW QUESTION 15

Choose the layer in iOS architecture that provides frameworks for iOS app development?

• A. Media services
• B. Cocoa Touch
• C. Core services
• D. Core OS

Answer: C

NEW QUESTION 16

Smith, a forensic examiner, was analyzing a hard disk image to find and acquire deleted sensitive files. He stumbled upon a $Recycle.Bin folder in the root directory of the disk. Identify the operating system in use.

• A. Windows 98
• B. Linux
• C. Windows 8.1
• D. Windows XP

Answer: D

NEW QUESTION 17
......