Randy has extracted data from an old version of a Windows-based system and discovered info file Dc5.txt in the system recycle bin. What does the file name denote?
A. A text file deleted from C drive in sixth sequential order
B. A text file deleted from C drive in fifth sequential order
C. A text file copied from D drive to C drive in fifth sequential order
D. A text file copied from C drive to D drive in fifth sequential order
Andie, a network administrator, suspects unusual network services running on a windows system. Which of the following commands should he use to verify unusual network services started on a Windows system?
A. net serv
B. netmgr
C. lusrmgr
D. net start
You are assigned a task to examine the log files pertaining to MyISAM storage engine. While examining, you are asked to perform a recovery operation on a MyISAM log file. Which among the following MySQL Utilities allow you to do so?
A. mysqldump
B. myisamaccess
C. myisamlog
D. myisamchk
Report writing is a crucial stage in the outcome of an investigation. Which information should not be included in the report section?
A. Speculation or opinion as to the cause of the incident
B. Purpose of the report
C. Author of the report
D. Incident summary
Which of the following Android libraries are used to render 2D (SGL) or 3D (OpenGL/ES) graphics content to the screen?
A. OpenGL/ES and SGL
B. Surface Manager
C. Media framework
D. WebKit
A forensic examiner is examining a Windows system seized from a crime scene. During the examination of a suspect file, he discovered that the file is password protected. He tried guessing the password using the suspect's available information but without any success. Which of the following tool can help the investigator to solve this issue?
A. Cain and Abel
B. Xplico
C. Recuva
D. Colasoft's Capsa
Which of the following Windows-based tool displays who is logged onto a computer, either locally or remotely?
A. Tokenmon
B. PSLoggedon
C. TCPView
D. Process Monitor
Korey, a data mining specialist in a knowledge processing firm DataHub.com, reported his CISO that he has lost certain sensitive data stored on his laptop. The CISO wants his forensics investigation team to find if the data loss was accident or intentional. In which of the following category this case will fall?
A. Civil Investigation
B. Administrative Investigation
C. Both Civil and Criminal Investigations
D. Criminal Investigation
An investigator has acquired packed software and needed to analyze it for the presence of malice. Which of the following tools can help in finding the packaging software used?
A. SysAnalyzer
B. PEiD
C. Comodo Programs Manager
D. Dependency Walker
Identify the file system that uses $BitMap file to keep track of all used and unused clusters on a volume.
A. NTFS
B. FAT
C. EXT
D. FAT32
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.