Top Tips Of Update 312-49v9 Test Question
Check 312-49v9 free dumps before getting the full version:
NEW QUESTION 1
A buffer overflow occurs when an application writes more data to a block of memory, or buffer, than the buffer is allocated to hold. Buffer overflow attacks allow an attacker to modify the ___ in order to control the process execution, crash the process, and modify internal variables.
- A. Target process's address space
- B. Target remote access
- C. Target rainbow table
- D. Target SAM file
Answer: A
NEW QUESTION 2
Jones had been trying to penetrate a remote production system for the past two weeks. This time, however, he is able to get into the system. He was able to use the system for a period of three weeks. However, law enforcement agencies were recording his every activity, and this was later presented as evidence. The organization had used a virtual environment to trap Jones. What is a virtual environment?
- A. A system using Trojaned commands
- B. A honeypot that traps hackers
- C. An environment set up after the user logs in
- D. An environment set up before a user logs in
Answer: B
NEW QUESTION 3
Syslog is a client/server protocol standard for forwarding log messages across an IP network. Syslog uses ___ to transfer log messages in a clear text format.
- A. TCP
- B. FTP
- C. SMTP
- D. POP
Answer: A
NEW QUESTION 4
Which of the following is the certifying body of forensics labs that investigate criminal cases by analyzing evidence?
- A. The American Society of Crime Laboratory Directors (ASCLD)
- B. International Society of Forensics Laboratory (ISFL)
- C. The American Forensics Laboratory Society (AFLS)
- D. The American Forensics Laboratory for Computer Forensics (AFLCF)
Answer: A
NEW QUESTION 5
Identify the attack from the following sequence of actions:
Step 1: A user logs in to a trusted site and creates a new session
Step 2: The trusted site stores a session identifier for the session in a cookie in the web browser
Step 3: The user is tricked into visiting a malicious site
Step 4: The malicious site sends a request from the user's browser using his session cookie
- A. Web Application Denial-of-Service (DoS) Attack
- B. Cross-Site Scripting (XSS) Attacks
- C. Cross-Site Request Forgery (CSRF) Attack
- D. Hidden Field Manipulation Attack
Answer: C
NEW QUESTION 6
When NTFS is formatted, the format program assigns the _____ sectors to the boot sectors and to the bootstrap code.
- A. First 12
- B. First 16
- C. First 22
- D. First 24
Answer: B
NEW QUESTION 7
How many possible sequence number combinations are there in TCP/IP protocol?
- A. 320 billion
- B. 1 billion
- C. 4 billion
- D. 32 million
Answer: C
NEW QUESTION 8
Harold wants to set up a firewall on his network but is not sure which one would be the most appropriate. He knows he needs to allow FTP traffic to one of the servers on his network, but he wants to only allow FTP-PUT. Which firewall would be most appropriate for Harold's needs?
- A. Packet filtering firewall
- B. Circuit-level proxy firewall
- C. Application-level proxy firewall
- D. Data link layer firewall
Answer: C
NEW QUESTION 9
How many sectors will a 125 KB file use in a FAT32 file system?
- A. 32
- B. 16
- C. 250
- D. 25
Answer: C
Explanation:
If you assume that we are using 512-byte sectors, then 125 x 1024 / 512 = 250 sectors would be needed.
Actually, this is the same for a FAT16 file system as well.
NEW QUESTION 10
The quality of a raster image is determined by the ____ and the amount of information in each pixel.
- A. Total number of pixels
- B. Image file format
- C. Compression method
- D. Image file size
Answer: A
NEW QUESTION 11
Log management includes all the processes and techniques used to collect, aggregate, and analyze computer-generated log messages. It consists of the hardware, software, network and media used to generate, transmit, store, analyze, and dispose of log data.
- A. True
- B. False
Answer: A
NEW QUESTION 12
If you come across a sheepdip machine at your client site, what would you infer?
- A. A sheepdip coordinates several honeypots
- B. A sheepdip computer is another name for a honeypot
- C. A sheepdip computer is used only for virus-checking.
- D. A sheepdip computer defers a denial of service attack
Answer: C
NEW QUESTION 13
What will the following command accomplish in Linux? fdisk /dev/hda
- A. Partition the hard drive
- B. Format the hard drive
- C. Delete all files under the /dev/hda folder
- D. Fill the disk with zeros
Answer: A
NEW QUESTION 14
A computer forensics report provides detailed information on the complete computer forensics investigation process. It should explain how the incident occurred, provide technical details of the incident, and be easy to understand. Which of the following attributes of a forensics report can render it inadmissible in a court of law?
- A. It includes metadata about the incident
- B. It includes relevant extracts referred to in the report that support analysis or conclusions
- C. It is based on logical assumptions about the incident timeline
- D. It maintains a single document style throughout the text
Answer: C
NEW QUESTION 15
Which of the following is NOT a graphics file?
- A. Picture1.tga
- B. Picture2.bmp
- C. Picture3.nfo
- D. Picture4.psd
Answer: C
NEW QUESTION 16
When reviewing web logs, you see an entry for resource not found in the HTTP status code field. What is the actual error code that you would see in the log for resource not found?
- A. 202
- B. 404
- C. 505
- D. 909
Answer: B
NEW QUESTION 17
A forensic investigator is a person who handles the complete investigation process, that is, the preservation, identification, extraction, and documentation of the evidence. The investigator has many roles and responsibilities relating to the cybercrime analysis. The role of the forensic investigator is to:
- A. Take permission from all employees of the organization for investigation
- B. Harden organization network security
- C. Create an image backup of the original evidence without tampering with potential evidence
- D. Keep the evidence highly confidential and hide the evidence from law enforcement agencies
Answer: C
NEW QUESTION 18
Which of the following is not an example of a cyber-crime?
- A. Fraud achieved by the manipulation of the computer records
- B. Firing an employee for misconduct
- C. Deliberate circumvention of the computer security systems
- D. Intellectual property theft, including software piracy
Answer: B
NEW QUESTION 19
First response to an incident may involve three different groups of people, and each will have differing skills and need to carry out differing tasks based on the incident. Who is responsible for collecting, preserving, and packaging electronic evidence?
- A. System administrators
- B. Local managers or other non-forensic staff
- C. Forensic laboratory staff
- D. Lawyers
Answer: C
NEW QUESTION 20
A mobile operating system is the operating system that operates a mobile device like a mobile phone, smartphone, PDA, etc. It determines the functions and features available on mobile devices such as keyboards, applications, email, text messaging, etc. Which of the following mobile operating systems is free and open source?
- A. Web OS
- B. Android
- C. Apple iOS
- D. Symbian OS
Answer: B
NEW QUESTION 21
What are the security risks of running a "repair" installation for Windows XP?
- A. Pressing Shift+F1 gives the user administrative rights
- B. Pressing Ctrl+F10 gives the user administrative rights
- C. There are no security risks when running the "repair" installation for Windows XP
- D. Pressing Shift+F10 gives the user administrative rights
Answer: D
NEW QUESTION 22
Which of the following steganography types hides the secret message in a specifically designed pattern on the document that is unclear to the average reader?
- A. Open code steganography
- B. Visual semagrams steganography
- C. Text semagrams steganography
- D. Technical steganography
Answer: A
NEW QUESTION 23
The Recycle Bin exists as a metaphor for throwing files away, but it also allows the user to retrieve and restore files. Once the file is moved to the Recycle Bin, a record is added to the log file that exists in the Recycle Bin.
Which of the following files contains records that correspond to each deleted file in the Recycle Bin?
- A. INFO2 file
- B. INFO1 file
- C. LOGINFO2 file
- D. LOGINFO1 file
Answer: A
NEW QUESTION 24
Sectors in hard disks typically contain how many bytes?
- A. 256
- B. 512
- C. 1024
- D. 2048
Answer: B
NEW QUESTION 25
Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test. The second utility executes five known exploits against his network that the vulnerability analysis said were not exploitable. What kind of results did Jim receive from his vulnerability analysis?
- A. False negatives
- B. True negatives
- C. True positives
- D. False positives
Answer: A
NEW QUESTION 26
Digital photography helps in correcting the perspective of the image which is used in taking the measurements of the evidence. Snapshots of the evidence and incident-prone areas need to be taken to help in the forensic process. Is digital photography accepted as evidence in the court of law?
- A. Yes
- B. No
Answer: A
NEW QUESTION 27
Which of the following statements does not support the case assessment?
- A. Review the case investigator's request for service
- B. Identify the legal authority for the forensic examination request
- C. Do not document the chain of custody
- D. Discuss whether other forensic processes need to be performed on the evidence
Answer: C
NEW QUESTION 28
You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company clients. You have rummaged through their trash and found very little information. You do not want to set off any alarms on their network, so you plan on performing passive footprinting against their Web servers. What tool should you use?
- A. Dig
- B. Ping sweep
- C. Netcraft
- D. Nmap
Answer: C
NEW QUESTION 29
......
Recommend!! Get the Full 312-49v9 dumps in VCE and PDF From Surepassexam, Welcome to Download: https://www.surepassexam.com/312-49v9-exam-dumps.html (New 209 Q&As Version)