EC-Council 312-49v9 ECCouncil Computer Hacking Forensic Investigator (V9) Online Training
The questions for 312-49v9 were last updated on Oct 29, 2024.
- Exam Code: 312-49v9
- Exam Name: ECCouncil Computer Hacking Forensic Investigator (V9)
- Certification Provider: EC-Council
- Latest update: Oct 29, 2024
Profiling is a forensics technique for analyzing evidence with the goal of identifying the perpetrator from their various activities.
After a computer has been compromised by a hacker, which of the following would be most important in forming a profile of the incident?
- A . The manufacturer of the system compromised
- B . The logic, formatting and elegance of the code used in the attack
- C . The nature of the attack
- D . The vulnerability exploited in the incident
____________________ is simply the application of Computer Investigation and analysis techniques in the interests of determining potential legal evidence.
- A . Network Forensics
- B . Computer Forensics
- C . Incident Response
- D . Event Reaction
John is using Firewalk to test the security of his Cisco PIX firewall. He is also utilizing a sniffer located on a subnet that resides deep inside his network. After analyzing the sniffer log files, he does not see any of the traffic produced by Firewalk.
Why is that?
- A . Firewalk cannot pass through Cisco firewalls
- B . Firewalk sets all packets with a TTL of zero
- C . Firewalk cannot be detected by network sniffers
- D . Firewalk sets all packets with a TTL of one
You are working for a local police department that services a population of 1,000,000 people and you have been given the task of building a computer forensics lab.
How many law-enforcement computer investigators should you request to staff the lab?
- A . 8
- B . 1
- C . 4
- D . 2
Frank is working on a vulnerability assessment for a company on the West coast. The company hired Frank to assess its network security through scanning, pen tests, and vulnerability assessments. After discovering numerous known vulnerabilities detected by a temporary IDS he set up, he notices a number of items that show up as unknown but questionable in the logs. He looks up the behavior on the Internet, but cannot find anything related.
What organization should Frank submit the log to in order to find out if it is a new vulnerability or not?
- A . APIPA
- B . IANA
- C . CVE
- D . RIPE
When reviewing web logs, you see an entry for resource not found in the HTTP status code field.
What is the actual error code that you would see in the log for resource not found?
- A . 202
- B . 404
- C . 505
- D . 909
Which of the following refers to the data that might still exist in a cluster even though the original file has been overwritten by another file?
- A . Sector
- B . Metadata
- C . MFT
- D . Slack Space
After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, stateful firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet.
Why is that?
- A . Stateful firewalls do not work with packet filtering firewalls
- B . NAT does not work with stateful firewalls
- C . IPSEC does not work with packet filtering firewalls
- D . NAT does not work with IPSEC
You just passed your ECSA exam and are about to start your first consulting job running security audits for a financial institution in Los Angeles. The IT manager of the company you will be working for tries to see if you remember your ECSA class. He asks about the methodology you will be using to test the company’s network.
How would you answer?
- A . Microsoft Methodology
- B . Google Methodology
- C . IBM Methodology
- D . LPT Methodology
To make sure the evidence you recover and analyze with computer forensics software can be admitted in court, you must test and validate the software.
What group is actively providing tools and creating procedures for testing and validating computer forensics software?
- A . Computer Forensics Tools and Validation Committee (CFTVC)
- B . Association of Computer Forensics Software Manufacturers (ACFSM)
- C . National Institute of Standards and Technology (NIST)
- D . Society for Valid Forensics Tools and Testing (SVFTT)