312-49v11無料問題集「EC-COUNCIL Computer Hacking Forensic Investigator (CHFI-v11)」

質問 1

Which of the following network attacks refers to sending huge volumes of email to an address in an attempt to overflow the mailbox, or overwhelm the server where the email address is hosted, to cause a denial-of-service attack?

（A）Mail bombing

（B）Phishing

（C）Email spoofing

（D）Email spamming

正解：A 解答を投票する

質問 2

What will the following Linux command accomplish?
dd if=/dev/mem of=/home/sam/mem.bin bs=1024

（A）Copy the memory dump file to an image file

（B）Copy the master boot record to a file

（C）Copy the running memory to a file

（D）Copy the contents of the system folder to a file

正解：C 解答を投票する

質問 3

If an attacker's computer sends an IPID of 31400 to a zombie computer on an open port in IDLE scanning, what will be the response?

（A）31399

（B）The zombie will not send a response

（C）31401

（D）31402

正解：C 解答を投票する

質問 4

Which among the following is an act passed by the U.S. Congress in 2002 to protect investors from the possibility of fraudulent accounting activities by corporations?

（A）SOX

（B）GLBA

（C）FISMA

（D）HIPAA

正解：A 解答を投票する

質問 5

John is using Firewalk to test the security of his Cisco PIX firewall. He is also utilizing a sniffer located on a subnet that resides deep inside his network. After analyzing the sniffer log files, he does not see any of the traffic produced by Firewalk. Why is that?

（A）Firewalk sets all packets with a TTL of zero

（B）Firewalk cannot pass through Cisco firewalls

（C）Firewalk sets all packets with a TTL of one

（D）Firewalk cannot be detected by network sniffers

正解：C 解答を投票する

質問 6

What is the CIDR from the following screenshot?

（A）/24A./24A./24

（B）/32B./32B./32

（C）/16C./16C./16

（D）/8D./8D./8

正解：D 解答を投票する

質問 7

The process of restarting a computer that is already turned on through the operating system is called?

（A）Hot Boot

（B）Cold boot

（C）Warm boot

（D）Ice boot

正解：C 解答を投票する

質問 8

Microsoft Outlook maintains email messages in a proprietary format in what type of file?

（A）.doc

（B）.pst

（C）.mail

（D）.email

正解：B 解答を投票する

質問 9

Which of the following techniques delete the files permanently?

（A）Artifact Wiping

（B）Trail obfuscation

（C）Data Hiding

（D）Steganography

正解：A 解答を投票する

質問 10

Which of the following acts as a network intrusion detection system as well as network intrusion prevention system?

（A）Nikto

（B）Snort

（C）Kismet

（D）Accunetix

正解：B 解答を投票する

質問 11

A computer forensics Investigator or forensic analyst Is a specially trained professional who works with law enforcement as well as private businesses to retrieve Information from computers and other types of data storage devices. For this, the analyst should have an excellent working knowledge of all aspects of the computer. Which of the following is not a duty of the analyst during a criminal investigation?

（A）To create an investigation report

（B）To recover data from suspect devices

（C）To fill the chain of custody

（D）To enforce the security of all devices and software in the scene

正解：D 解答を投票する

質問 12

Billy, a computer forensics expert, has recovered a large number of DBX files during the forensic investigation of a laptop. Which of the following email clients can he use to analyze the DBX files?

（A）Microsoft Outlook

（B）Eudora

（C）Microsoft Outlook Express

（D）Mozilla Thunderbird

正解：C 解答を投票する

質問 13

Which tool does the investigator use to extract artifacts left by Google Drive on the system?

（A）RAM Capturer

（B）PEBrowse Professional

（C）RegScanner

（D）Dependency Walker

正解：A 解答を投票する

312-49v11 無料問題集「EC-COUNCIL Computer Hacking Forensic Investigator (CHFI-v11)」

弊社を連絡する

関連リンク

トップ試験