ECCouncil 312-49v10 - Computer Hacking Forensic Investigator (CHFI-v10)

Total 704 questions

> NMAP -sn 192.168.11.200-215

The NMAP command above performs which of the following?

A. A trace sweep
B. A port scan
C. A ping scan
D. An operating system detect

Which of the following is a tool to reset Windows admin password?

A. R-Studio
B. Windows Password Recovery Bootdisk
C. Windows Data Recovery Software
D. TestDisk for Windows

Andie, a network administrator, suspects unusual network services running on a Windows system. Which of the following commands should he use to verify unusual network services started on a Windows system?

A. net serv
B. netmgr
C. lusrmgr
D. net start

What does Locard's Exchange Principle state?

A. Any information of probative value that is either stored or transmitted in a digital form
B. Digital evidence must have some characteristics to be disclosed in the court of law
C. Anyone or anything entering a crime scene takes something of the scene with them and leaves something of themselves behind when they leave
D. Forensic investigators face many challenges during forensics investigation of a digital crime, such as extracting, preserving, and analyzing the digital evidence

Randy has extracted data from an old version of a Windows-based system and discovered info file Dc5.txt in the system recycle bin. What does the file name denote?

A. A text file deleted from C drive in sixth sequential order
B. A text file deleted from C drive in fifth sequential order
C. A text file copied from D drive to C drive in fifth sequential order
D. A text file copied from C drive to D drive in fifth sequential order

What document does the screenshot represent?

A. Expert witness form
B. Search warrant form
C. Chain of custody form
D. Evidence collection form

Select the tool appropriate for examining the dynamically linked libraries of an application or malware.

A. Dependency Walker
B. SysAnalyzer
C. PEiD
D. ResourcesExtract

Graphics Interchange Format (GIF) is a ____ RGB bitmap image format for images with up to 256 distinct colors per frame.

A. 8-bit
B. 32-bit
C. 16-bit
D. 24-bit

Select the tool appropriate for finding the dynamically linked lists of an application or malware.

A. SysAnalyzer
B. ResourcesExtract
C. PEiD
D. Dependency Walker

Hard disk data addressing is a method of allotting addresses to each _______ of data on a hard disk.

A. Physical block
B. Operating system block
C. Hard disk block
D. Logical block

A Linux system is undergoing investigation. In which directory should the investigators look for its current state data if the system is in a powered-on state?

A. /auth
B. /proc
C. /var/log/debug
D. /var/spool/cron/

Which among the following tools can help a forensic investigator to access the registry files during postmortem analysis?

A. RegistryChangesView
B. RegDllView
C. RegRipper
D. ProDiscover

Which among the following laws emphasizes the need for each Federal agency to develop, document, and implement an organization-wide program to provide information security for the information systems that support its operations and assets?

A. FISMA
B. HIPAA
C. GLBA
D. SOX

Smith is an IT technician who has been appointed to his company's network vulnerability assessment team. He is the only IT employee on the team. The other team members include employees from Accounting, Management, Shipping, and Marketing. Smith and the team members are having their first meeting to discuss how they will proceed. What is the first step they should do to create the network vulnerability assessment plan?

A. Their first step is to make a hypothesis of what their final findings will be.
B. Their first step is to create an initial Executive report to show the management team.
C. Their first step is to analyze the data they have currently gathered from the company or interviews.
D. Their first step is the acquisition of required documents, reviewing of security policies and compliance.

Which of the following is a federal law enacted in the US to control the ways that financial institutions deal with the private information of individuals?

A. SOX
B. HIPAA 1996
C. GLBA
D. PCI DSS