Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

ECCouncil 312-49v9 - Computer Hacking Forensic Investigator (v9)

ECCouncil 312-49v9 Premium Access     Download Demo    
Page: 3 / 12
Total 589 questions

Which of the following statements is TRUE about SQL Server error logs?

A.

SQL Server error logs record all the events occurred on the SQL Server and its databases

B.

Forensic investigator uses SQL Server Profiler to view error log files

C.

Error logs contain IP address of SQL Server client connections

D.

Trace files record, user-defined events, and specific system events

Which of these Windows utility help you to repair logical file system errors?

A.

Resource Monitor

B.

Disk cleanup

C.

Disk defragmenter

D.

CHKDSK

Shane, a forensic specialist, is investigating an ongoing attack on a MySQL database server hosted on a Windows machine with SID “WIN-ABCDE12345F.” Which of the following log file will help Shane in tracking all the client connections and activities performed on the database server?

A.

WIN-ABCDE12345F.err

B.

WIN-ABCDE12345F-bin.n

C.

WIN-ABCDE12345F.pid

D.

WIN-ABCDE12345F.log

Which among the following web application threats is resulted when developers expose various internal implementation objects, such as files, directories, database records, or key-through references?

A.

Remote File Inclusion

B.

Cross Site Scripting

C.

Insecure Direct Object References

D.

Cross Site Request Forgery

Which of the following is a precomputed table containing word lists like dictionary files and brute force lists and their hash values?

A.

Directory Table

B.

Rainbow Table

C.

Master file Table (MFT)

D.

Partition Table

Which of the following information is displayed when Netstat is used with -ano switch?

A.

Ethernet statistics

B.

Contents of IP routing table

C.

Details of routing table

D.

Details of TCP and UDP connections

Which of the following statements is incorrect when preserving digital evidence?

A.

Verify if the monitor is in on, off, or in sleep mode

B.

Turn on the computer and extract Windows event viewer log files

C.

Remove the plug from the power router or modem

D.

Document the actions and changes that you observe in the monitor, computer, printer, or in other peripherals

In which cloud crime do attackers try to compromise the security of the cloud environment in order to steal data or inject a malware?

A.

Cloud as an Object

B.

Cloud as a Tool

C.

Cloud as an Application

D.

Cloud as a Subject

Which of the following is a non-zero data that an application allocates on a hard disk cluster in systems running on Windows OS?

A.

Sparse File

B.

Master File Table

C.

Meta Block Group

D.

Slack Space

Amelia has got an email from a well-reputed company stating in the subject line that she has won a prize money, whereas the email body says that she has to pay a certain amount for being eligible for the contest. Which of the following acts does the email breach?

A.

CAN-SPAM Act

B.

HIPAA

C.

GLBA

D.

SOX

%3cscript%3ealert(”XXXXXXXX”)%3c/script%3e is a script obtained from a Cross-Site Scripting attack. What type of encoding has the attacker employed?

A.

Double encoding

B.

Hex encoding

C.

Unicode

D.

Base64

Which component in the hard disk moves over the platter to read and write information?

A.

Actuator

B.

Spindle

C.

Actuator Axis

D.

Head

CAN-SPAM act requires that you:

A.

Don’t use deceptive subject lines

B.

Don’t tell the recipients where you are located

C.

Don’t identify the message as an ad

D.

Don’t use true header information

During an investigation, Noel found the following SIM card from the suspect's mobile. What does the code 89 44 represent?

A.

Issuer Identifier Number and TAC

B.

Industry Identifier and Country code

C.

Individual Account Identification Number and Country Code

D.

TAC and Industry Identifier

Tasklist command displays a list of applications and services with their Process ID (PID) for all tasks running on either a local or a remote computer. Which of the following tasklist commands provides information about the listed processes, including the image name, PID, name, and number of the session for the process?

A.

tasklist /p

B.

tasklist /v

C.

tasklist /u

D.

tasklist /s