EC-Council 312-49v10 Computer Hacking Forensic Investigator (CHFI-v10) Online Training
The questions for 312-49v10 were last updated on Dec 24, 2024.
- Exam Code: 312-49v10
- Exam Name: Computer Hacking Forensic Investigator (CHFI-v10)
- Certification Provider: EC-Council
- Latest update: Dec 24, 2024
You are working on a thesis for your doctorate degree in Computer Science. Your thesis is based on HTML, DHTML, and other web-based languages and how they have evolved over the years.
You navigate to archive.org and view the HTML code of news.com. You then navigate to the current news.com website and copy over the source code. While searching through the code, you come across something abnormal:
What have you found?
- A . Web bug
- B . CGI code
- C . Trojan.downloader
- D . Blind bug
After undergoing an external IT audit, George realizes his network is vulnerable to DDoS attacks.
What countermeasures could he take to prevent DDoS attacks?
- A . Enable direct broadcasts
- B . Disable direct broadcasts
- C . Disable BGP
- D . Enable BGP
What is the following command trying to accomplish?
- A . Verify that UDP port 445 is open for the 192.168.0.0 network
- B . Verify that TCP port 445 is open for the 192.168.0.0 network
- C . Verify that NETBIOS is running for the 192.168.0.0 network
- D . Verify that UDP port 445 is closed for the 192.168.0.0 network
Which part of the Windows Registry contains the user’s password file?
- A . HKEY_LOCAL_MACHINE
- B . HKEY_CURRENT_CONFIGURATION
- C . HKEY_USER
- D . HKEY_CURRENT_USER
Printing under a Windows computer normally requires which one of the following file types to be created?
- A . EME
- B . MEM
- C . EMF
- D . CME
You are working as a computer forensics investigator for a corporation on a computer abuse case. You discover evidence that shows the subject of your investigation is also embezzling money from the company. The company CEO and the corporate legal counsel advise you to contact law enforcement and provide them with the evidence that you have found. The law enforcement officer who responds requests that you put a network sniffer on your network and monitor all traffic to the subject’s computer.
You inform the officer that you will not be able to comply with that request because doing so would:
- A . Violate your contract
- B . Cause network congestion
- C . Make you an agent of law enforcement
- D . Write information to the subject’s hard drive
An employee is suspected of stealing proprietary information belonging to your company that he had no rights to possess. The information was stored on the employee’s computer, which was protected with the NTFS Encrypted File System (EFS), and you had observed him copy the files to a floppy disk just before leaving work for the weekend. You detain the employee before he leaves the building, recover the floppy disks, and secure his computer.
Will you be able to break the encryption so that you can verify that the employee was in possession of the proprietary information?
- A . EFS uses a 128-bit key that can’t be cracked, so you will not be able to recover the information
- B . When the encrypted file was copied to the floppy disk, it was automatically unencrypted, so you can recover the information.
- C . The EFS Revoked Key Agent can be used on the computer to recover the information
- D . When the encrypted file was copied to the floppy disk, the EFS private key was also copied to the floppy disk, so you can recover the information.
Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company’s network. Since Simon remembers some of the server names, he attempts to run the axfr and ixfr commands using DIG.
What is Simon trying to accomplish here?
- A . Send DOS commands to crash the DNS servers
- B . Perform DNS poisoning
- C . Perform a zone transfer
- D . Enumerate all the users in the domain
You should make at least how many bit-stream copies of a suspect drive?
- A . 1
- B . 2
- C . 3
- D . 4
When using Windows acquisition tools to acquire digital evidence, it is important to use a well-tested hardware write-blocking device to:
- A . Automate collection from image files
- B . Avoid copying data from the boot partition
- C . Acquire data from the host-protected area on a disk
- D . Prevent contamination of the evidence drive