[Q39-Q59] 312-49v10 Certification Exam Dumps Questions in here [Nov-2024]


Updated 312-49v10 Exam Practice Test Questions


The EC-COUNCIL 312-49v10 certification exam is the latest version of the Computer Hacking Forensic Investigator (CHFI-v10) certification exam. It is recognized globally and is highly regarded in the IT industry. The exam is designed to test the knowledge and skills of professionals in various aspects of computer forensics, such as digital evidence collection, analysis, and preservation.

 

NEW QUESTION # 39
The police believe that Melvin Matthew has been obtaining unauthorized access to computers belonging to numerous computer software and computer operating systems manufacturers, cellular telephone manufacturers, Internet Service Providers and Educational Institutions. They also suspect that he has been stealing, copying and misappropriating proprietary computer software belonging to the several victim companies. What is preventing the police from breaking down the suspect's door and searching his home and seizing all of his computer equipment if they have not yet obtained a warrant?

  • A. The Federal Rules of Evidence
  • B. The Fourth Amendment
  • C. The USA PATRIOT Act
  • D. The Good Samaritan Laws

Answer: B


NEW QUESTION # 40
Which of the following attacks allows an attacker to access restricted directories, including application source code, configuration and critical system files, and to execute commands outside of the web server's root directory?

  • A. Parameter/form tampering
  • B. Security misconfiguration
  • C. Unvalidated input
  • D. Directory traversal

Answer: D


NEW QUESTION # 41
Which of the following ISO standards defines file systems and protocol for exchanging data between optical disks?

  • A. ISO 9060
  • B. ISO/IEC 13940
  • C. IEC 3490
  • D. ISO 9660

Answer: D


NEW QUESTION # 42
What type of attack occurs when an attacker can force a router to stop forwarding packets by flooding the router with many open connections simultaneously so that all the hosts behind the router are effectively disabled?

  • A. physical attack
  • B. ARP redirect
  • C. denial of service
  • D. digital attack

Answer: C


NEW QUESTION # 43
During a forensic investigation, a large number of files were collected. The investigator needs to evaluate ownership and accountability of those files. Therefore, he begins to identify attributes such as "author name," "organization name," "network name," or any additional supporting data that is meant for the owner's identification purpose. Which term describes these attributes?

  • A. Data index
  • B. Data header
  • C. Metabase
  • D. Metadata

Answer: D


NEW QUESTION # 44
Fill in the missing Master Boot Record component.
1. Master boot code
2. Partition table
3. _______________

  • A. Boot loader
  • B. Volume boot record
  • C. Signature word
  • D. Disk signature

Answer: A


NEW QUESTION # 45
A master boot record (MBR) is the first sector ("sector zero") of a data storage device. What is the size of MBR?

  • A. 1048 Bytes
  • B. 512 Bytes
  • C. Depends on the capacity of the storage device
  • D. 4092 Bytes

Answer: B


NEW QUESTION # 46
Why is it a good idea to perform a penetration test from the inside?

  • A. It is never a good idea to perform a penetration test from the inside
  • B. It is easier to hack from the inside
  • C. Because 70% of attacks are from inside the organization
  • D. To attack a network from a hacker's perspective

Answer: C


NEW QUESTION # 47
Amber, a black hat hacker, has embedded malware into a small enticing advertisement and posted it on a popular ad-network that displays across various websites. What is she doing?

  • A. Malvertising
  • B. Click-jacking
  • C. Spearphishing
  • D. Compromising a legitimate site

Answer: A


NEW QUESTION # 48
When investigating a network that uses DHCP to assign IP addresses, where would you look to determine which system (MAC address) had a specific IP address at a specific time?

  • A. there is no way to determine the specific IP address
  • B. in the Web Server log files
  • C. on the individual computer's ARP cache
  • D. in the DHCP Server log files

Answer: D


NEW QUESTION # 49
You are assisting in the investigation of a possible Web Server Hack. The company that called you stated that customers reported to them that whenever they entered the web address of the company in their browser, what they received was a pornographic web site. The company checked the web server and nothing appears wrong. When you type in the IP address of the web site in your browser everything appears normal. What is the name of the attack that affects the DNS cache of the name resolution servers, resulting in those servers directing users to the wrong web site?

  • A. DNS Poisoning
  • B. IP Spoofing
  • C. ARP Poisoning
  • D. HTTP redirect attack

Answer: A


NEW QUESTION # 50
When operating systems mark a cluster as used but not allocated, the cluster is considered as _________

  • A. Bad
  • B. Unallocated
  • C. Corrupt
  • D. Lost

Answer: D


NEW QUESTION # 51
James, a hacker, identifies a vulnerability in a website. To exploit the vulnerability, he visits the login page and notes down the session ID that is created. He appends this session ID to the login URL and shares the link with a victim. Once the victim logs into the website using the shared URL, James reloads the webpage (containing the URL with the session ID appended) and now, he can browse the active session of the victim. Which attack did James successfully execute?

  • A. Cookie Tampering
  • B. Parameter Tampering
  • C. Session Fixation Attack
  • D. Cross Site Request Forgery

Answer: C


NEW QUESTION # 52
If a suspect computer is located in an area that may have toxic chemicals, you must:

  • A. determine a way to obtain the suspect computer
  • B. assume the suspect machine is contaminated
  • C. coordinate with the HAZMAT team
  • D. do not enter alone

Answer: C


NEW QUESTION # 53
Which is a standard procedure to perform during all computer forensics investigations?

  • A. with the hard drive removed from the suspect PC, check the date and time in the system's CMOS
  • B. with the hard drive in the suspect PC, check the date and time in the File Allocation Table
  • C. with the hard drive removed from the suspect PC, check the date and time in the system's RAM
  • D. with the hard drive in the suspect PC, check the date and time in the system's CMOS

Answer: A


NEW QUESTION # 54
Jessica works as a systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Jessica going to perform?

  • A. Smurf scan
  • B. ICMP ping sweep
  • C. Tracert
  • D. Ping trace

Answer: B


NEW QUESTION # 55
Analyze the hex representation of mysql-bin.000013 file in the screenshot below. Which of the following will be an inference from this analysis?

  • A. A WordPress user has been created with the username bad_guy
  • B. A user with username bad_guy has logged into the WordPress web application
  • C. A WordPress user has been created with the username anonymous_hacker
  • D. An attacker with name anonymous_hacker has replaced a user bad_guy in the WordPress database

Answer: A


NEW QUESTION # 56
What will the following command accomplish?

  • A. Test the ability of a router to handle under-sized packets
  • B. Test ability of a router to handle over-sized packets
  • C. Test the ability of a router to handle fragmented packets
  • D. Test the ability of a WLAN to handle fragmented packets

Answer: B


NEW QUESTION # 57
When installed on a Windows machine, which port does the Tor browser use to establish a network connection via Tor nodes?

  • A. 0
  • B. 49664/49665
  • C. 49667/49668
  • D. 9150/9151

Answer: D


NEW QUESTION # 58
What value of the "Boot Record Signature" is used to indicate that the boot-loader exists?

  • A. AA55
  • B. AA00
  • C. 00AA
  • D. A100

Answer: A


NEW QUESTION # 59
......
