Exam Details

  • Exam Code: 312-49
  • Exam Name: ECCouncil Computer Hacking Forensic Investigator (V9)
  • Certification: Certified Ethical Hacker
  • Vendor: EC-COUNCIL
  • Total Questions: 531 Q&As
  • Last Updated: May 16, 2024

EC-COUNCIL Certified Ethical Hacker 312-49 Questions & Answers

  • Question 21:

    Email archiving is a systematic approach to saving and protecting the data contained in emails so that it can be accessed quickly at a later date. There are two main archive types, namely Local Archive and Server Storage Archive. Which of the following statements is correct when dealing with local archives?

    A. Server storage archives are the server information and settings stored on a local system, whereas the local archives are the local email client information stored on the mail server

    B. It is difficult to deal with the webmail as there is no offline archive in most cases. So consult your counsel on the case as to the best way to approach and gain access to the required data on servers

    C. Local archives should be stored together with the server storage archives in order to be admissible in a court of law

    D. Local archives do not have evidentiary value as the email client may alter the message data

  • Question 22:

    Which of the following techniques deletes files permanently?

    A. Steganography

    B. Artifact Wiping

    C. Data Hiding

    D. Trail obfuscation

  • Question 23:

    What is an investigator looking for in the rp.log file stored on a system running the Windows 10 operating system?

    A. Restore point interval

    B. Automatically created restore points

    C. System CheckPoints required for restoring

    D. Restore point functions

  • Question 24:

    Which among the following laws emphasizes the need for each Federal agency to develop, document, and implement an organization-wide program to provide information security for the information systems that support its operations and assets?

    A. FISMA

    B. HIPAA

    C. GLBA

    D. SOX

  • Question 25:

    What does the 56.58.152.114(445) denote in a Cisco router log?

    Jun 19 23:25:46.125 EST: %SEC-4-IPACCESSLOGP: list internet-inbound denied udp 67.124.115.35 (8084) -> 56.58.152.114(445), 1 packet

    A. Source IP address

    B. None of the above

    C. Login IP address

    D. Destination IP address

  • Question 26:

    What is cold boot (hard boot)?

    A. It is the process of restarting a computer that is already in sleep mode

    B. It is the process of shutting down a computer from a powered-on or on state

    C. It is the process of restarting a computer that is already turned on through the operating system

    D. It is the process of starting a computer from a powered-down or off state

  • Question 27:

    During the trial, an investigator observes that one of the principal witnesses is severely ill and cannot be present for the hearing. He decides to record the evidence and present it to the court. Under which rule should he present such evidence?

    A. Rule 1003: Admissibility of Duplicates

    B. Limited admissibility

    C. Locard's Principle

    D. Hearsay

  • Question 28:

    One technique for hiding information is to change the file extension from the correct one to the one that might not be noticed by an investigator. For example, changing a .jpg extension to a .doc extension so that a picture file appears to be a document. What can an investigator examine to verify that a file has the correct extension?

    A. The file header

    B. The File Allocation Table

    C. The file footer

    D. The sector map

  • Question 29:

    An investigator enters the command sqlcmd -S WIN-CQQMK62867E -e -s"," -E as part of collecting the primary data file and logs from a database. What does the "WIN-CQQMK62867E" represent?

    A. Name of the Database

    B. Name of SQL Server

    C. Operating system of the system

    D. Network credentials of the database

  • Question 30:

    In which implementation of RAID will the image of a Hardware RAID volume be different from the image taken separately from the disks?

    A. RAID 1

    B. The images will always be identical because data is mirrored for redundancy

    C. RAID 0

    D. It will always be different
