ExamGecko
Login
Home / ECCouncil / 312-49v10 / List of questions
Ask Question

ECCouncil 312-49v10 Practice Test - Questions Answers, Page 25

Add to Whishlist

List of questions

Question 241

Report Export Collapse

Harold is a computer forensics investigator working for a consulting firm out of Atlanta Georgi a. Harold is called upon to help with a corporate espionage case in Miami Florida. Harold assists in the investigation by pulling all the data from the computers allegedly used in the illegal activities. He finds that two suspects in the company where stealing sensitive corporate information and selling it to competing companies. From the email and instant messenger logs recovered, Harold has discovered that the two employees notified the buyers by writing symbols on the back of specific stop signs. This way, the buyers knew when and where to meet with the alleged suspects to buy the stolen material. What type of steganography did these two suspects use?

Become a Premium Member for full access
  Unlock Premium Member

Question 242

Report Export Collapse

What is the CIDR from the following screenshot?

ECCouncil 312-49v10 image Question 242 24268 09182024185459000000

Become a Premium Member for full access
  Unlock Premium Member

Question 243

Report Export Collapse

How many times can data be written to a DVD+R disk?

Become a Premium Member for full access
  Unlock Premium Member

Question 244

Report Export Collapse

What must be obtained before an investigation is carried out at a location?

Become a Premium Member for full access
  Unlock Premium Member

Question 245

Report Export Collapse

Paul is a computer forensics investigator working for Tyler & Company Consultants. Paul has been called upon to help investigate a computer hacking ring broken up by the local police. Paul begins to inventory the PCs found in the hackers hideout. Paul then comes across a PDA left by them that is attached to a number of different peripheral devices. What is the first step that Paul must take with the PDA to ensure the integrity of the investigation?

Become a Premium Member for full access
  Unlock Premium Member

Question 246

Report Export Collapse

During an investigation, an employee was found to have deleted harassing emails that were sent to someone else. The company was using Microsoft Exchange and had message tracking enabled.

Where could the investigator search to find the message tracking log file on the Exchange server?

Become a Premium Member for full access
  Unlock Premium Member

Question 247

Report Export Collapse

Paraben Lockdown device uses which operating system to write hard drive data?

Become a Premium Member for full access
  Unlock Premium Member

Question 248

Report Export Collapse

What technique is used by JPEGs for compression?

Become a Premium Member for full access
  Unlock Premium Member

Question 249

Report Export Collapse

John is working as a computer forensics investigator for a consulting firm in Canad a. He is called to seize a computer at a local web caf purportedly used as a botnet server. John thoroughly scans the computer and finds nothing that would lead him to think the computer was a botnet server. John decides to scan the virtual memory of the computer to possibly find something he had missed. What information will the virtual memory scan produce?

Become a Premium Member for full access
  Unlock Premium Member

Question 250

Report Export Collapse

What method of copying should always be performed first before carrying out an investigation?

Become a Premium Member for full access
  Unlock Premium Member
Total 704 questions
Go to page: of 71
Open VPLUS File
Convert VPLUS to PDF

Related questions

In Windows, prefetching is done to improve system performance. There are two types of prefetching: boot prefetching and application prefetching. During boot prefetching, what does the Cache Manager do?
Malware analysis can be conducted in various manners. An investigator gathers a suspicious executable file and uploads It to VirusTotal in order to confirm whether the file Is malicious, provide information about Its functionality, and provide Information that will allow to produce simple network signatures. What type of malware analysis was performed here?
This law sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations.
Report writing is a crucial stage in the outcome of an investigation. Which information should not be included in the report section?
During the course of a corporate investigation, you find that an Employee is committing a crime. Can the Employer file a criminal complaint with Police?
An Investigator Is checking a Cisco firewall log that reads as follows: Aug 21 2019 09:16:44: %ASA-1-106021: Deny ICMP reverse path check from 10.0.0.44 to 10.0.0.33 on Interface outside What does %ASA-1-106021 denote?
Which of the following refers to the data that might still exist in a cluster even though the original file has been overwritten by another file?
Volatile Memory is one of the leading problems for forensics. Worms such as code Red are memory resident and do write themselves to the hard drive, if you turn the system off they disappear. In a lab environment, which of the following options would you suggest as the most appropriate to overcome the problem of capturing volatile memory?
Which of the following tools is used to dump the memory of a running process, either immediately or when an error condition occurs?
You are working as Computer Forensics investigator and are called by the owner of an accounting firm to investigate possible computer abuse by one of the firm's employees. You meet with the owner of the firm and discover that the company has never published a policy stating that they reserve the right to inspect their computing assets at will. What do you do?