ECCouncil 312-49v10 Practice Test - Questions Answers, Page 26

Jacob is a computer forensics investigator with over 10 years experience in investigations and has written over 50 articles on computer forensics. He has been called upon as a qualified witness to testify the accuracy and integrity of the technical log files gathered in an investigation into computer fraud. What is the term used for Jacob testimony in this case?

How often must a company keep log files for them to be admissible in a court of law?

What file is processed at the end of a Windows XP boot to initialize the logon dialog box?

John is working on his company policies and guidelines. The section he is currently working on covers company documents; how they should be handled, stored, and eventually destroyed. John is concerned about the process whereby outdated documents are destroyed. What type of shredder should John write in the guidelines to be used when destroying documents?

To check for POP3 traffic using Ethereal, what port should an investigator search by?

When should an MD5 hash check be performed when processing evidence?

At what layer does a cross site scripting attack occur on?

Davidson Trucking is a small transportation company that has three local offices in Detroit Michigan.

Ten female employees that work for the company have gone to an attorney reporting that male employees repeatedly harassed them and that management did nothing to stop the problem.

Davidson has employee policies that outline all company guidelines, including awareness on harassment and how it will not be tolerated. When the case is brought to court, whom should the prosecuting attorney call upon for not upholding company policy?

When searching through file headers for picture file formats, what should be searched to find a JPEG file in hexadecimal format?