312-49無料問題集「EC-COUNCIL Computer Hacking Forensic Investigator」

質問 1

Sectors in hard disks typically contain how many bytes?

（A）256

（B）512

（C）1024

（D）2048

正解：B 解答を投票する

質問 2

A small law firm located in the Midwest has possibly been breached by a computer hacker looking to obtain information on their clientele. The law firm does not have any on-site IT employees, but wants to search for evidence of the breach themselves to prevent any possible media attention. Why would this not be recommended?

（A）Searching for evidence themselves would not have any ill effects

（B）Searching could possibly crash the machine or device

（C）Searching can change date/time stamps

（D）Searching creates cache files, which would hinder the investigation

正解：C 解答を投票する

質問 3

Harold is finishing up a report on a case of network intrusion, corporate spying, and embezzlement that he has been working on for over six months. He is trying to find the right term to use in his report to describe network-enabled spying. What term should Harold use?

（A）Hackspionage

（B）Netspionage

（C）Spynet

（D）Spycrack

正解：B 解答を投票する

質問 4

You are working in the Security Department of a law firm. One of the attorneys asks you about the topic of sending fake email because he has a client who has been charged with doing just that. His client alleges that he is innocent and that there is no way for a fake email to actually be sent. You inform the attorney that his client is mistaken and that fake email is a possibility and that you can prove it. You return to your desk and craft a fake email to the attorney that appears to come from his boss. What port do you send the email to on the company SMTP server?fake email to the attorney that appears to come from his boss. What port do you send the email to on the company? SMTP server?

（A）135

（B）10

（C）25

（D）110

正解：C 解答を投票する

質問 5

When reviewing web logs, you see an entry for esource not found?in the HTTP status code field. What is the actual error code that you wouldWhen reviewing web logs, you see an entry for ?esource not found?in the HTTP status code field. What is the actual error code that you would see in the log for esource not found?see in the log for ?esource not found?

（A）404

（B）202

（C）999

（D）606

正解：A 解答を投票する

質問 6

Where are files temporarily written in Unix when printing?

（A）/var/print

（B）/var/spool

（C）/spool

（D）/usr/spool

正解：B 解答を投票する

質問 7

A suspect is accused of violating the acceptable use of computing resources, as he has visited adult websites and downloaded images. The investigator wants to demonstrate that the suspect did indeed visit these sites. However, the suspect has cleared the search history and emptied the cookie cache. Moreover, he has removed any images he might have downloaded. What can the investigator do to prove the violation? Choose the most feasible option.

（A）Check the Windows registry for connection data (You may or may not recover)

（B）Approach the websites for evidence

（C）Seek the help of co-workers who are eye-witnesses

（D）Image the disk and try to recover deleted files

正解：D 解答を投票する

質問 8

When a router receives an update for its routing table, what is the metric value change to that path?

（A）Decreased by 1

（B）Increased by 2

（C）Decreased by 2

（D）Increased by 1

正解：D 解答を投票する

質問 9

Where is the default location for Apache access logs on a Linux computer?

（A）usr/logs/access_log

（B）logs/usr/apache/access_log

（C）usr/local/apache/logs/access_log

（D）bin/local/home/apache/logs/access_log

正解：C 解答を投票する

質問 10

What will the following Linux command accomplish? dd if=/dev/mem
of=/home/sam/mem.bin bs=1024

（A）Copy the memory dump file to an image file

（B）Copy the contents of the system folder em?to a fileCopy the contents of the system folder ?em?to a file

（C）Copy the master boot record to a file

（D）Copy the running memory to a file

正解：D 解答を投票する

312-49 無料問題集「EC-COUNCIL Computer Hacking Forensic Investigator」

弊社を連絡する

関連リンク

トップ試験