ExamGecko
Login
Home / ECCouncil / 312-49v10 / List of questions
Ask Question

ECCouncil 312-49v10 Practice Test - Questions Answers, Page 8

List of questions

Question 71

Report Export Collapse

How many sectors will a 125 KB file use in a FAT32 file system?

32
32
16
16
256
256
25
25
Suggested answer: C
asked 18/09/2024
Bright Ngobeni
49 questions

Question 72

Report Export Collapse

You are called by an author who is writing a book and he wants to know how long the copyright for his book will last after he has the book published?

70 years
70 years
the life of the author
the life of the author
the life of the author plus 70 years
the life of the author plus 70 years
copyrights last forever
copyrights last forever
Suggested answer: C
asked 18/09/2024
Dominique Dusabe
48 questions

Question 73

Report Export Collapse

When investigating a network that uses DHCP to assign IP addresses, where would you look to determine which system (MAC address) had a specific IP address at a specific time?

on the individual computer's ARP cache
on the individual computer's ARP cache
in the Web Server log files
in the Web Server log files
in the DHCP Server log files
in the DHCP Server log files
there is no way to determine the specific IP address
there is no way to determine the specific IP address
Suggested answer: C
asked 18/09/2024
Rafal Wozniak
42 questions

Question 74

Report Export Collapse

Bob has been trying to penetrate a remote production system for the past two weeks. This time however, he is able to get into the system. He was able to use the System for a period of three weeks. However, law enforcement agencies were recoding his every activity and this was later presented as evidence.

The organization had used a Virtual Environment to trap Bob. What is a Virtual Environment?

A Honeypot that traps hackers
A Honeypot that traps hackers
A system Using Trojaned commands
A system Using Trojaned commands
An environment set up after the user logs in
An environment set up after the user logs in
An environment set up before a user logs in
An environment set up before a user logs in
Suggested answer: A
asked 18/09/2024
Emanuel Sifuentes
50 questions

Question 75

Report Export Collapse

To make sure the evidence you recover and analyze with computer forensics software can be admitted in court, you must test and validate the software. What group is actively providing tools and creating procedures for testing and validating computer forensics software?

Computer Forensics Tools and Validation Committee (CFTVC)
Computer Forensics Tools and Validation Committee (CFTVC)
Association of Computer Forensics Software Manufactures (ACFSM)
Association of Computer Forensics Software Manufactures (ACFSM)
National Institute of Standards and Technology (NIST)
National Institute of Standards and Technology (NIST)
Society for Valid Forensics Tools and Testing (SVFTT)
Society for Valid Forensics Tools and Testing (SVFTT)
Suggested answer: C
asked 18/09/2024
Kishen Morar
51 questions

Question 76

Report Export Collapse

With Regard to using an Antivirus scanner during a computer forensics investigation, You should:

Scan the suspect hard drive before beginning an investigation
Scan the suspect hard drive before beginning an investigation
Never run a scan on your forensics workstation because it could change your systems configuration
Never run a scan on your forensics workstation because it could change your systems configuration
Scan your forensics workstation at intervals of no more than once every five minutes during an investigation
Scan your forensics workstation at intervals of no more than once every five minutes during an investigation
Scan your Forensics workstation before beginning an investigation
Scan your Forensics workstation before beginning an investigation
Suggested answer: D
asked 18/09/2024
Test Test
30 questions

Question 77

Report Export Collapse

Windows identifies which application to open a file with by examining which of the following?

The File extension
The File extension
The file attributes
The file attributes
The file Signature at the end of the file
The file Signature at the end of the file
The file signature at the beginning of the file
The file signature at the beginning of the file
Suggested answer: A
asked 18/09/2024
Novy Kingra
47 questions

Question 78

Report Export Collapse

You have used a newly released forensic investigation tool, which doesn't meet the Daubert Test, during a case. The case has ended-up in court. What argument could the defense make to weaken your case?

The tool hasn't been tested by the International Standards Organization (ISO)
The tool hasn't been tested by the International Standards Organization (ISO)
Only the local law enforcement should use the tool
Only the local law enforcement should use the tool
The total has not been reviewed and accepted by your peers
The total has not been reviewed and accepted by your peers
You are not certified for using the tool
You are not certified for using the tool
Suggested answer: C
asked 18/09/2024
Muhammad Imran
43 questions

Question 79

Report Export Collapse

Which of the following is NOT a graphics file?

Picture1.tga
Picture1.tga
Picture2.bmp
Picture2.bmp
Picture3.nfo
Picture3.nfo
Picture4.psd
Picture4.psd
Suggested answer: C
asked 18/09/2024
Rajeev Parameswaran
43 questions

Question 80

Report Export Collapse

When conducting computer forensic analysis, you must guard against ______________ So that you remain focused on the primary job and insure that the level of work does not increase beyond what was originally expected.

Hard Drive Failure
Hard Drive Failure
Scope Creep
Scope Creep
Unauthorized expenses
Unauthorized expenses
Overzealous marketing
Overzealous marketing
Suggested answer: B
asked 18/09/2024
mr Craig Ferguson
39 questions
Total 704 questions
Go to page: of 71
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

In Windows, prefetching is done to improve system performance. There are two types of prefetching: boot prefetching and application prefetching. During boot prefetching, what does the Cache Manager do?
Malware analysis can be conducted in various manners. An investigator gathers a suspicious executable file and uploads It to VirusTotal in order to confirm whether the file Is malicious, provide information about Its functionality, and provide Information that will allow to produce simple network signatures. What type of malware analysis was performed here?
This law sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations.
Report writing is a crucial stage in the outcome of an investigation. Which information should not be included in the report section?
During the course of a corporate investigation, you find that an Employee is committing a crime. Can the Employer file a criminal complaint with Police?
An Investigator Is checking a Cisco firewall log that reads as follows: Aug 21 2019 09:16:44: %ASA-1-106021: Deny ICMP reverse path check from 10.0.0.44 to 10.0.0.33 on Interface outside What does %ASA-1-106021 denote?
Which of the following refers to the data that might still exist in a cluster even though the original file has been overwritten by another file?
Volatile Memory is one of the leading problems for forensics. Worms such as code Red are memory resident and do write themselves to the hard drive, if you turn the system off they disappear. In a lab environment, which of the following options would you suggest as the most appropriate to overcome the problem of capturing volatile memory?
Which of the following tools is used to dump the memory of a running process, either immediately or when an error condition occurs?
You are working as Computer Forensics investigator and are called by the owner of an accounting firm to investigate possible computer abuse by one of the firm's employees. You meet with the owner of the firm and discover that the company has never published a policy stating that they reserve the right to inspect their computing assets at will. What do you do?