[Oct 04, 2021] 312-49 Dumps Full Questions - Exam Study Guide [Q69-Q89]


Certified Ethical Hacker Free Certification Exam Material from Exam4Tests with 150 Questions

NEW QUESTION 69
The objective of this act was to protect consumers' personal financial information held by financial institutions and their service providers.

  • A. Sarbanes-Oxley 2002
  • B. California SB 1386
  • C. HIPAA
  • D. Gramm-Leach-Bliley Act

Answer: D

 

NEW QUESTION 70
You are working for a large clothing manufacturer as a computer forensics investigator and are called in to investigate an unusual case of an employee possibly stealing clothing designs from the company and selling them under a different brand name for a different company. What you discover during the course of the investigation is that the clothing designs are actually original products of the employee and the company has no policy against an employee selling his own designs on his own time. The only thing that you can find that the employee is doing wrong is that his clothing design incorporates the same graphic symbol as that of the company with only the wording in the graphic being different. What area of the law is the employee violating?

  • A. copyright law
  • B. printright law
  • C. brandmark law
  • D. trademark law

Answer: D

 

NEW QUESTION 71
You are using DriveSpy, a forensic tool, and want to copy 150 sectors where the starting sector is 1709 on the primary hard drive. Which of the following formats correctly specifies these sectors?

  • A. 0:1000, 150
  • B. 0:1709-1858
  • C. 1:1709, 150
  • D. 0:1709, 150

Answer: D

 

NEW QUESTION 72
When searching through file headers for picture file formats, what should be searched to find a JPEG file in hexadecimal format?

  • A. FF 00 FF 00 FF 00
  • B. FF FF FF FF FF FF
  • C. FF D8 FF E0 00 10
  • D. EF 00 EF 00 EF 00

Answer: C

 

NEW QUESTION 73
Why are Linux/Unix based computers better to use than Windows computers for idle scanning?

  • A. Windows computers are constantly talking
  • B. Windows computers will not respond to idle scans
  • C. Linux/Unix computers are easier to compromise
  • D. Linux/Unix computers are constantly talking

Answer: A


 

NEW QUESTION 74
You are a security analyst performing a penetration test for a company in the Midwest. After some initial reconnaissance, you discover the IP addresses of some Cisco routers used by the company. You type in the following URL that includes the IP address of one of the routers:
http://172.168.4.131/level/99/exec/show/config
After typing in this URL, you are presented with the entire configuration file for that router. What have you discovered?

  • A. URL Obfuscation Arbitrary Administrative Access Vulnerability
  • B. HTTP Configuration Arbitrary Administrative Access Vulnerability
  • C. Cisco IOS Arbitrary Administrative Access Online Vulnerability
  • D. HTML Configuration Arbitrary Administrative Access Vulnerability

Answer: B

 

NEW QUESTION 75
In Microsoft file structures, sectors are grouped together to form:

  • A. Clusters
  • B. Bitstreams
  • C. Partitions
  • D. Drives

Answer: A

 

NEW QUESTION 76
Steven has been given the task of designing a computer forensics lab for the company he works for. He has found documentation on all aspects of how to design a lab except the number of exits needed. How many exits should Steven include in his design for the computer forensics lab?

  • A. Two
  • B. Four
  • C. Three
  • D. One

Answer: D


 

NEW QUESTION 77
The Paraben Lockdown device uses which operating system to write hard drive data?

  • A. Mac OS
  • B. Red Hat
  • C. Unix
  • D. Windows

Answer: D

 

NEW QUESTION 78
When marking evidence that has been collected with the "aa/ddmmyy/nnnn/zz" format, what does the "nnn" denote?

  • A. The sequential number of the exhibits seized
  • B. The initials of the forensics analyst
  • C. The year the evidence was taken
  • D. The sequence number for the parts of the same exhibit

Answer: A

 

NEW QUESTION 79
Why would you need to find out the gateway of a device when investigating a wireless attack?

  • A. The gateway will be the IP of the proxy server used by the attacker to launch the attack
  • B. The gateway will be the IP used to manage the access point
  • C. The gateway will be the IP used to manage the RADIUS server
  • D. The gateway will be the IP of the attacker's computer

Answer: B

 

NEW QUESTION 80
The offset in a hexadecimal code is:

  • A. The 0x at the end of the code
  • B. The last byte after the colon
  • C. The 0x at the beginning of the code
  • D. The first byte after the colon

Answer: C

 

NEW QUESTION 81
When carrying out a forensics investigation, why should you never delete a partition on a dynamic disk?

  • A. The wrong partition may be set to active
  • B. The computer will be set in a constant reboot state
  • C. All virtual memory will be deleted
  • D. This action can corrupt the disk

Answer: D

 

NEW QUESTION 82
A forensics investigator needs to copy data from a computer to some type of removable media so he can examine the information at another location. The problem is that the data is around 42GB in size. What type of removable media could the investigator use?

  • A. DVD-18
  • B. HD-DVD
  • C. Blu-Ray dual-layer
  • D. Blu-Ray single-layer

Answer: C

 

NEW QUESTION 83
What term is used to describe a cryptographic technique for embedding information into something else for the sole purpose of hiding that information from the casual observer?

  • A. Offset
  • B. rootkit
  • C. steganography
  • D. key escrow

Answer: C

 

NEW QUESTION 84
With regard to using an antivirus scanner during a computer forensics investigation, you should:

  • A. Scan your forensics workstation at intervals of no more than once every five minutes during an investigation
  • B. Never run a scan on your forensics workstation because it could change your system's configuration
  • C. Scan the suspect hard drive before beginning an investigation
  • D. Scan your forensics workstation before beginning an investigation

Answer: D

 

NEW QUESTION 85
When performing a forensics analysis, what device is used to prevent the system from recording data on an evidence disk?

  • A. a write-blocker
  • B. a firewall
  • C. a disk editor
  • D. a protocol analyzer

Answer: A

 

NEW QUESTION 86
An investigator is searching through the firewall logs of a company and notices ICMP packets that are larger than 65,536 bytes. What type of activity is the investigator seeing?

  • A. Ping of death
  • B. Fraggle
  • C. Smurf
  • D. Nmap scan

Answer: A

 

NEW QUESTION 87
Where are files temporarily written in Unix when printing?

  • A. /var/spool
  • B. /var/print
  • C. /spool
  • D. /usr/spool

Answer: A

 

NEW QUESTION 88
Jacob is a computer forensics investigator with over 10 years' experience in investigations and has written over 50 articles on computer forensics. He has been called upon as a qualified witness to testify to the accuracy and integrity of the technical log files gathered in an investigation into computer fraud. What is the term used for Jacob's testimony in this case?

  • A. Certification
  • B. Reiteration
  • C. Authentication
  • D. Justification

Answer: C

 

NEW QUESTION 89
......
