How Many Questions Of 312-49v10 Exam Topics

Free demo questions for the EC-Council 312-49v10 Computer Hacking Forensic Investigator (CHFI-v10) exam:

NEW QUESTION 1

What type of attack sends spoofed UDP packets (instead of ping packets) with a fake source address to the IP broadcast address of a large network?

  • A. Fraggle
  • B. Smurf scan
  • C. SYN flood
  • D. Teardrop

Answer: A

NEW QUESTION 2

Steven has been given the task of designing a computer forensics lab for the company he works for. He has found documentation on all aspects of how to design a lab except the number of exits needed. How many exits should Steven include in his design for the computer forensics lab?

  • A. Three
  • B. One
  • C. Two
  • D. Four

Answer: B

NEW QUESTION 3

Joshua is analyzing an MSSQL database to find attack evidence and other details. Where should he look for the database logs?

  • A. Model.log
  • B. Model.txt
  • C. Model.ldf
  • D. Model.lgf

Answer: C

NEW QUESTION 4

Annie is searching for certain deleted files on a system running Windows XP OS. Where will she find the files if they were not completely deleted from the system?

  • A. C:\$Recycled.Bin
  • B. C:\$Recycle.Bin
  • C. C:\RECYCLER
  • D. C:\$RECYCLER

Answer: B

NEW QUESTION 5

In Steganalysis, which of the following describes a Known-stego attack?

  • A. The hidden message and the corresponding stego-image are known
  • B. During the communication process, active attackers can change cover
  • C. Original and stego-object are available and the steganography algorithm is known
  • D. Only the steganography medium is available for analysis

Answer: C

NEW QUESTION 6

What header field in the TCP/IP protocol stack involves the hacker exploit known as the Ping of Death?

  • A. ICMP header field
  • B. TCP header field
  • C. IP header field
  • D. UDP header field

Answer: B

NEW QUESTION 7

Robert needs to copy an OS disk snapshot of a compromised VM to a storage account in a different region for further investigation. Which of the following should he use in this scenario?

  • A. Azure CLI
  • B. Azure Monitor
  • C. Azure Active Directory
  • D. Azure Portal

Answer: D

NEW QUESTION 8

Frank, a cloud administrator in his company, needs to take a backup of the OS disks of two Azure VMs that store business-critical data. Which type of Azure blob storage can he use for this purpose?

  • A. Append blob
  • B. Medium blob
  • C. Block blob
  • D. Page blob

Answer: D

NEW QUESTION 9

Which of the following is NOT an anti-forensics technique?

  • A. Data Deduplication
  • B. Password Protection
  • C. Encryption
  • D. Steganography

Answer: A

NEW QUESTION 10

What file is processed at the end of a Windows XP boot to initialize the logon dialog box?

  • A. NTOSKRNL.EXE
  • B. NTLDR
  • C. LSASS.EXE
  • D. NTDETECT.COM

Answer: A

NEW QUESTION 11

Adam, a forensic investigator, is investigating an attack on the Microsoft Exchange Server of a large organization. As the first step of the investigation, he examined the PRIV.EDB file and found the source from where the mail originated and the name of the file that disappeared upon execution. Now, he wants to examine the MIME stream content. Which of the following files is he going to examine?

  • A. PRIV.STM
  • B. gwcheck.db
  • C. PRIV.EDB
  • D. PUB.EDB

Answer: A

NEW QUESTION 12

You are working in the security department of a law firm. One of the attorneys asks you about the topic of sending fake email because he has a client who has been charged with doing just that. His client alleges that he is innocent and that there is no way for a fake email to actually be sent. You inform the attorney that his client is mistaken, that fake email is a possibility, and that you can prove it. You return to your desk and craft a fake email to the attorney that appears to come from his boss. What port do you send the email to on the company SMTP server?

  • A. 10
  • B. 25
  • C. 110
  • D. 135

Answer: B

NEW QUESTION 13

Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance agreement he signed with the client, Harold is performing research online and seeing how much exposure the site has received so far. Harold navigates to google.com and types in the following search:

link:www.ghttech.net

What will this search produce?

  • A. All sites that ghttech.net links to
  • B. All sites that link to ghttech.net
  • C. All search engines that link to .net domains
  • D. Sites that contain the code: link:www.ghttech.net

Answer: B

NEW QUESTION 14

Which of the following is non-zero data that an application allocates on a hard disk cluster in systems running Windows OS?

  • A. Sparse File
  • B. Master File Table
  • C. Meta Block Group
  • D. Slack Space

Answer: B

NEW QUESTION 15

What is a good security method to prevent unauthorized users from "tailgating"?

  • A. Man trap
  • B. Electronic combination locks
  • C. Pick-resistant locks
  • D. Electronic key systems

Answer: A

NEW QUESTION 16

Which command can provide the investigators with details of all the loaded modules on a Linux-based system?

  • A. list modules -a
  • B. lsmod
  • C. plist mod -a
  • D. lsof -m

Answer: B
