[Free] 2019(Nov) EnsurePass ECCouncil 312-49v8 Dumps with VCE and PDF 1-10

Question No.1

Shortcuts are files with the extension .lnk that are created and accessed by users. These files provide you with information about:

  1. Files or network shares

  2. Running application

  3. Application logs

  4. System logs

Correct Answer: A

Question No.2

Network forensics can be defined as the sniffing, recording, acquisition and analysis of the network traffic and event logs in order to investigate a network security incident.

  1. True

  2. False

Correct Answer: A

Question No.3

Dumpster Diving refers to:

  1. Searching for sensitive information in the user's trash bins and printer trash bins, and searching the user's desk for sticky notes

  2. Looking at either the user's keyboard or screen while he/she is logging in

  3. Convincing people to reveal the confidential information

  4. Creating a set of dictionary words and names, and trying all the possible combinations to crack the password

Correct Answer: A

Question No.4

Jason, a renowned forensic investigator, is investigating a network attack that resulted in the compromise of several systems in a reputed multinational's network. He started Wireshark to capture the network traffic. Upon investigation, he found that the DNS packets travelling across the network belonged to a non-company configured IP. Which of the following attacks can Jason infer from his findings?

  1. DNS Poisoning

  2. Cookie Poisoning Attack

  3. DNS Redirection

  4. Session poisoning

Correct Answer: A

Question No.5

Computer security logs contain information about the events occurring within an organization's systems and networks. Application and Web server log files are useful in detecting web attacks. The source, nature, and time of the attack can be determined by ______ of the compromised system.

  1. Analyzing log files

  2. Analyzing SAM file

  3. Analyzing rainbow tables

  4. Analyzing hard disk boot records

Correct Answer: A

Question No.6

Which of the following is not an example of a cyber-crime?

  1. Fraud achieved by the manipulation of the computer records

  2. Firing an employee for misconduct

  3. Deliberate circumvention of the computer security systems

  4. Intellectual property theft, including software piracy

Correct Answer: B

Question No.7

The tasklist command displays a list of applications and services with their Process ID (PID) for all tasks running on either a local or a remote computer. Which of the following tasklist commands provides information about the listed processes, including the image name, PID, name, and number of the session for the process?

  1. tasklist/s

  2. tasklist/u

  3. tasklist/p

  4. tasklist/v

Correct Answer: D

Question No.8

International Mobile Equipment Identifier (IMEI) is a 15-digit number that indicates the manufacturer, model type, and country of approval for GSM devices. The first eight digits of an IMEI number, which provide information about the model and origin of the mobile device, are also known as:

  1. Type Allocation Code (TAC)

  2. Device Origin Code (DOC)

  3. Manufacturer identification Code (MIC)

  4. Integrated Circuit Code (ICC)

Correct Answer: A

Question No.9

When the operating system marks clusters as used, but does not allocate them to any file, such clusters are known as ______.

  1. Lost clusters

  2. Bad clusters

  3. Empty clusters

  4. Unused clusters

Correct Answer: A

Question No.10

An Internet standard protocol (built on top of TCP/IP) that assures accurate synchronization to the millisecond of computer clock times in a network of computers. Which of the following statements is true for NTP Stratum Levels?

  1. Stratum-0 servers are used on the network; they are not directly connected to computers which then operate as stratum-1 servers

  2. Stratum-1 time server is linked over a network path to a reliable source of UTC time such as GPS, WWV, or CDMA transmissions

  3. A stratum-2 server is directly linked (not over a network path) to a reliable source of UTC time such as GPS, WWV, or CDMA transmissions

  4. A stratum-3 server gets its time over a network link, via NTP, from a stratum-2 server, and so on

Correct Answer: D
