EC-Council 312-49v10 Computer Hacking Forensic Investigator (CHFI-v10) Online Training
The questions for 312-49v10 were last updated on Dec 24, 2024.
- Exam Code: 312-49v10
- Exam Name: Computer Hacking Forensic Investigator (CHFI-v10)
- Certification Provider: EC-Council
- Latest update: Dec 24, 2024
Larry is an IT consultant who works for corporations and government agencies. Larry plans on shutting down the city’s network using BGP devices and zombies.
What type of Penetration Testing is Larry planning to carry out?
- A . Router Penetration Testing
- B . DoS Penetration Testing
- C . Firewall Penetration Testing
- D . Internal Penetration Testing
You have completed a forensic investigation case. You would like to destroy the data contained in various disks at the forensics lab due to the sensitivity of the case.
How would you permanently erase the data on the hard disk?
- A . Throw the hard disk into the fire
- B . Run the powerful magnets over the hard disk
- C . Format the hard disk multiple times using a low level disk utility
- D . Overwrite the contents of the hard disk with junk data
Jessica works as systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests.
What type of scan is Jessica going to perform?
- A . Tracert
- B . Smurf scan
- C . Ping trace
- D . ICMP ping sweep
This organization maintains a database of hash signatures for known software.
- A . International Standards Organization
- B . Institute of Electrical and Electronics Engineers
- C . National Software Reference Library
- D . American National Standards Institute
Harold is a security analyst who has just run the rdisk /s command to grab the backup SAM files on a computer. Where should Harold navigate on the computer to find the file?
- A . %systemroot%\system32\LSA
- B . %systemroot%\system32\drivers\etc
- C . %systemroot%\repair
- D . %systemroot%\LSA
You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company's clients. You have rummaged through their trash and found very little information. You do not want to set off any alarms on their network, so you plan on performing passive footprinting against their Web servers.
What tool should you use?
- A . Ping sweep
- B . Nmap
- C . Netcraft
- D . Dig
Why should you note all cable connections for a computer you want to seize as evidence?
- A . to know what outside connections existed
- B . in case other devices were connected
- C . to know what peripheral devices exist
- D . to know what hardware existed
What type of attack occurs when an attacker can force a router to stop forwarding packets by flooding the router with many open connections simultaneously so that all the hosts behind the router are effectively disabled?
- A . digital attack
- B . denial of service
- C . physical attack
- D . ARP redirect
One technique for hiding information is to change the file extension from the correct one to one that might not be noticed by an investigator. For example, changing a .jpg extension to a .doc extension so that a picture file appears to be a document.
What can an investigator examine to verify that a file has the correct extension?
- A . the File Allocation Table
- B . the file header
- C . the file footer
- D . the sector map
Bob has been trying to penetrate a remote production system for the past two weeks. This time, however, he is able to get into the system. He was able to use the system for a period of three weeks. However, law enforcement agencies were recording his every activity and this was later presented as evidence.
The organization had used a Virtual Environment to trap Bob.
What is a Virtual Environment?
- A . A Honeypot that traps hackers
- B . A system using Trojaned commands
- C . An environment set up after the user logs in
- D . An environment set up before a user logs in