[2022] 312-49v9 All-in-One Exam Guide Practice To your 312-49v9 Exam!
Preparations of 312-49v9 Exam 2022 CHFIv9 Unlimited 586 Questions
NEW QUESTION 61
What term is used to describe a cryptographic technique for embedding information into something else for the sole purpose of hiding that information from the casual observer?
- A. key escrow
- B. Offset
- C. rootkit
- D. steganography
Answer: D
NEW QUESTION 62
At the time of evidence transfer, both sender and receiver need to give the information about date and time of transfer in the chain of custody record.
- A. False
- B. True
Answer: B
NEW QUESTION 63
Which response organization tracks hoaxes as well as viruses?
- A. NIPC
- B. FEDCIRC
- C. CERT
- D. CIAC
Answer: D
Explanation:
Note: CIAC (Computer Incident Advisory Capability)
Was run by the US Department of energy
NEW QUESTION 64
If an attacker's computer sends an IPID of 31400 to a zombie computer on an open port in
IDLE scanning, what will be the response?
- A. 0
- B. 1
- C. The zombie will not send a response
- D. 2
Answer: B
NEW QUESTION 65
Which of the following is found within the unique instance ID key and helps investigators to map the entry from USBSTOR key to the MountedDevices key?
- A. LastWrite
- B. UserAssist key
- C. MRUListEx key
- D. ParentIDPrefix
Answer: D
NEW QUESTION 66
You are employed directly by an attorney to help investigate an alleged sexual harassment case at a large pharmaceutical manufacturer. While at the corporate office of the company, the CEO demands to know the status of the investigation. What prevents you from discussing the case with the CEO?
- A. Trade secrets
- B. ISO 17799
- C. Good manners
- D. The attorney-work-product rule
Answer: D
NEW QUESTION 67
Wireless access control attacks aim to penetrate a network by evading WLAN access control measures such as AP MAC filters and Wi-Fi port access controls. Which of the following wireless access control attacks allow the attacker to set up a rogue access point outside the corporate perimeter and then lure the employees of the organization to connect to it?
- A. Client mis-association
- B. Rogue access points
- C. Ad hoc associations
- D. MAC spoofing
Answer: A
NEW QUESTION 68
At what layer of the OSI model do routers function on?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: A
NEW QUESTION 69
The Apache server saves diagnostic information and error messages that it encounters while processing requests. The default path of this file is usr/local/apache/logs/error.log in Linux. Identify the Apache error log from the following logs.
- A. 127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700]"GET /apache_pb.gif HTTP/1.0" 200 2326
- B. [Wed Oct 11 14:32:52 2000] [error] [client 127.0.0.1] client denied by server configuration:
/export/home/live/ap/htdocs/test - C. 127.0.0.1 - - [10/Apr/2007:10:39:11 +0300] ] [error] "GET /apache_pb.gif HTTP/1.0" 200 2326
- D. http://victim.com/scripts/..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..% c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir+C:\Winnt\system32\Logfiles\W3SVC1
Answer: B
NEW QUESTION 70
Bob has encountered a system crash and has lost vital data stored on the hard drive of his Windows computer.
He has no cloud storage or backup hard drives. he wants to recover all those data, which includes his personal photos, music, documents, videos, official email, etc. Which of the following tools shall resolve Bob's purpose?
- A. Recuva
- B. Colasoft's Capsa
- C. Cain & Abel
- D. Xplico
Answer: D
NEW QUESTION 71
In a FAT32 system, a 123 KB file will use how many sectors?
- A. 0
- B. 1
- C. 2
- D. 3
- E. 4
Answer: A
Explanation:
If you assume that we are using 512 bytes sectors, then 123x1024/512 = 246 sectors would be needed.
NEW QUESTION 72
When investigating a wireless attack, what information can be obtained from the DHCP logs?
- A. MAC address of the attacker
If any computers on the network are running in promiscuous mode - B. The operating system of the attacker and victim computersThe operating system of the attacker and victim? computers
- C. IP traffic between the attacker and the victim
Answer: A
NEW QUESTION 73
You are called by an author who is writing a book and he wants to know how long the copyright for his book will last after he has the book published?
- A. Copyrights last forever
- B. 70 years
- C. The life of the author plus 70 years
- D. The life of the author
Answer: C
NEW QUESTION 74
Which of the following standard is based on a legal precedent regarding the admissibility of scientific examinations or experiments in legal cases?
- A. Schneiderman Standard
- B. FERPA standard
- C. Frye Standard
- D. Daubert Standard
Answer: C
NEW QUESTION 75
Bill is the accounting manager for Grummon and Sons LLC in Chicago. On a regular basis, he needs to send PDF documents containing sensitive information through E-mail to his customers. Bill protects the PDF documents with a password and sends them to their intended recipients. Why PDF passwords do not offer maximum protection?
- A. PDF passwords are not considered safe by Sarbanes-Oxley
- B. PDF passwords can easily be cracked by software brute force tools
- C. PDF passwords are converted to clear text when sent through E-mail
- D. When sent through E-mail, PDF passwords are stripped from the document completely
Answer: B
NEW QUESTION 76
What are the security risks of running a "repair" installation for Windows XP?
- A. Pressing Shift+F1 gives the user administrative rights
- B. Pressing Ctrl+F10 gives the user administrative rights
- C. There are no security risks when running the "repair" installation for Windows XP
- D. Pressing Shift+F10 gives the user administrative rights
Answer: D
NEW QUESTION 77
An intrusion detection system (IDS) gathers and analyzes information from within a computer or a network to identify any possible violations of security policy, including unauthorized access, as well as misuse.
Which of the following intrusion detection systems audit events that occur on a specific host?
- A. File integrity checking
- B. Log file monitoring
- C. Host-based intrusion detection
- D. Network-based intrusion detection
Answer: C
NEW QUESTION 78
You are a security analyst performing a penetration tests for a company in the Midwest. After some initial reconnaissance, you discover the IP addresses of some Cisco routers used by the company. You type in the following URL that includes the IP address of one of the routers:
http://172.168.4.131/level/99/exec/show/config
After typing in this URL, you are presented with the entire configuration file for that router. What have you discovered?
- A. Cisco IOS Arbitrary Administrative Access Online Vulnerability
- B. HTML Configuration Arbitrary Administrative Access Vulnerability
- C. HTTP Configuration Arbitrary Administrative Access Vulnerability
- D. URL Obfuscation Arbitrary Administrative Access Vulnerability
Answer: C
NEW QUESTION 79
Which is not a part of environmental conditions of a forensics lab?
- A. Large dimensions of the room
- B. Good cooling system to overcome excess heat generated by the work station
- C. Allocation of workstations as per the room dimensions
- D. Open windows facing the public road
Answer: D
NEW QUESTION 80
Which one of the following is not a first response procedure?
- A. Crack passwords
- B. Take photos
- C. Fill forms
- D. Preserve volatile data
Answer: A
NEW QUESTION 81
In a virtual test environment, Michael is testing the strength and security of BGP using multiple routers to mimic the backbone of the Internet. This project will help him write his doctoral thesis on "bringing down the Internet". Without sniffing the traffic between the routers, Michael sends millions of RESET packets to the routers in an attempt to shut one or all of them down. After a few hours, one of the routers finally shuts itself down. What will the other routers communicate between themselves?
- A. STOP packets to all other routers warning of where the attack originated
- B. The change in the routing fabric to bypass the affected router
- C. More RESET packets to the affected router to get it to power back up
- D. RESTART packets to the affected router to get it to power back up
Answer: B
NEW QUESTION 82
Which part of Metasploit framework helps users to hide the data related to a previously deleted file or currently unused by the allocated file.
- A. Slacker
- B. FragFS
- C. Waffen FS
- D. RuneFS
Answer: A
NEW QUESTION 83
An employee is attempting to wipe out data stored on a couple of compact discs (CDs) and digital video discs (DVDs) by using a large magnet. You inform him that this method will not be effective in wiping out the data because CDs and DVDs are _________ media used to store large amounts of data and are not affected by the magnet.
- A. Optical
- B. Anti-Magnetic
- C. Logical
- D. Magnetic
Answer: A
NEW QUESTION 84
Which of the following network attacks refers to sending huge volumes of email to an address in an attempt to overflow the mailbox, or overwhelm the server where the email address is hosted, to cause a denial-of-service attack?
- A. Email spamming
- B. Phishing
- C. Email spoofing
- D. Mail bombing
Answer: D
NEW QUESTION 85
You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?
- A. A web server facing the Internet, an application server on the internal network, a database server on the internal network
- B. All three servers need to face the Internet so that they can communicate between themselves
- C. All three servers need to be placed internally
- D. A web server and the database server facing the Internet, an application server on the internal network
Answer: B
NEW QUESTION 86
......
EC-COUNCIL 312-49v9 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
Focus on 312-49v9 All-in-One Exam Guide For Quick Preparation: https://www.passsureexam.com/312-49v9-pass4sure-exam-dumps.html