ECCouncil 312-49v9 - Computer Hacking Forensic Investigator (v9)

Where are files temporarily written in Unix when printing?

Which password cracking technique uses details such as length of password, character sets used to construct the password, etc.?

Wireless access control attacks aim to penetrate a network by evading WLAN access control measures such as AP MAC filters and Wi-Fi port access controls. Which of the following wireless access control attacks allow the attacker to set up a rogue access point outside the corporate perimeter and then lure the employees of the organization to connect to it?

How many times can data be written to a DVD+R disk?

When needing to search for a website that is no longer present on the Internet today but was online few years back, what site can be used to view the website collection of pages?

If a PDA is seized in an investigation while the device is turned on, what would be the proper procedure?

Preparing an image drive to copy files to is the first step in Linux forensics. For this purpose, what would the following command accomplish?

dcfldd if=/dev/zero of=/dev/hda bs=4096 conv=noerror, sync

What technique is used by JPEGs for compression?

You have been given the task to investigate web attacks on a Windows-based server. Which of the following commands will you use to look at the sessions the machine has opened with other systems?

John is working as a computer forensics investigator for a consulting firm in Canada. He is called to seize a computer at a local web caf purportedly used as a botnet server. John thoroughly scans the computer and finds nothing that would lead him to think the computer was a botnet server. John decides to scan the virtual memory of the computer to possibly find something he had missed. What information will the virtual memory scan produce?

How will you categorize a cybercrime that took place within a CSP’s cloud environment?