EC-Council 312-49v9 ECCouncil Computer Hacking Forensic Investigator (V9) Online Training
The questions for 312-49v9 were last updated on Oct 29, 2024.
- Exam Code: 312-49v9
- Exam Name: ECCouncil Computer Hacking Forensic Investigator (V9)
- Certification Provider: EC-Council
- Latest update: Oct 29, 2024
What does ICMP Type 3/Code 13 mean?
- A . Host Unreachable
- B . Administratively Blocked
- C . Port Unreachable
- D . Protocol Unreachable
Why are Linux/Unix-based computers better to use than Windows computers for idle scanning?
- A . Linux/Unix computers are easier to compromise
- B . Linux/Unix computers are constantly talking
- C . Windows computers are constantly talking
- D . Windows computers will not respond to idle scans
James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network.
What type of DoS attack is James testing against his network?
- A . Smurf
- B . Trinoo
- C . Fraggle
- D . SYN flood
With the standard Linux second extended file system (Ext2fs), a file is deleted when the inode internal link count reaches ________.
- A . 0
- B . 10
- C . 100
- D . 1
You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same.
What type of virus is this that you are testing?
- A . Polymorphic
- B . Metamorphic
- C . Oligomorphic
- D . Transmorphic
If an attacker’s computer sends an IPID of 31400 to a zombie computer on an open port in IDLE scanning, what will be the response?
- A . The zombie will not send a response
- B . 31402
- C . 31399
- D . 31401
Jason has set up a honeypot environment by creating a DMZ that has no physical or logical access to his production network. In this honeypot, he has placed a server running Windows Active Directory. He has also placed a Web server in the DMZ that services a number of web pages that offer visitors a chance to download sensitive information by clicking on a button. A week later, Jason finds in his network logs how an intruder accessed the honeypot and downloaded sensitive information. Jason uses the logs to try and prosecute the intruder for stealing sensitive corporate information.
Why will this not be viable?
- A . Entrapment
- B . Enticement
- C . Intruding into a honeypot is not illegal
- D . Intruding into a DMZ is not illegal
What is kept in the following directory? HKLM\SECURITY\Policy\Secrets
- A . Cached password hashes for the past 20 users
- B . Service account passwords in plain text
- C . IAS account names and passwords
- D . Local store PKI Kerberos certificates
You have been asked to investigate after a user has reported a threatening e-mail they have received from an external source.
Which of the following are you most interested in when trying to trace the source of the message?
- A . The X509 Address
- B . The SMTP reply Address
- C . The E-mail Header
- D . The Host Domain Name
You set up SNMP in multiple offices of your company. Your SNMP software manager is not receiving data from other offices like it is for your main office. You suspect that firewall changes are to blame.
What ports should you open for SNMP to work through firewalls? (Choose two.)
- A . 162
- B . 161
- C . 163
- D . 160