Exam Details

  • Exam Code: 312-49
  • Exam Name: ECCouncil Computer Hacking Forensic Investigator (V9)
  • Certification: Certified Ethical Hacker
  • Vendor: EC-COUNCIL
  • Total Questions: 531 Q&As
  • Last Updated: May 16, 2024

EC-COUNCIL Certified Ethical Hacker 312-49 Questions & Answers

  • Question 31:

    An attacker has compromised a cloud environment of a company and used the employee information to perform an identity theft attack. Which type of attack is this?

    A. Cloud as a subject

    B. Cloud as a tool

    C. Cloud as an object

    D. Cloud as a service

  • Question 32:

    Gill is a computer forensics investigator who has been called upon to examine a seized computer. This computer, according to the police, was used by a hacker who gained access to numerous banking institutions to steal customer information. After preliminary investigations, Gill finds in the computer's log files that the hacker was able to gain access to these banks through the use of Trojan horses. The hacker then used these Trojan horses to obtain remote access to the companies' domain controllers. From this point, Gill found that the hacker pulled off the SAM files from the domain controllers to then attempt and crack network passwords. What is the most likely password cracking technique used by this hacker to break the user passwords from the SAM files?

    A. Syllable attack

    B. Hybrid attack

    C. Brute force attack

    D. Dictionary attack

  • Question 33:

    Which of the following network attacks refers to sending huge volumes of email to an address in an attempt to overflow the mailbox or overwhelm the server where the email address is hosted so as to cause a denial-of-service attack?

    A. Email spamming

    B. Phishing

    C. Email spoofing

    D. Mail bombing

  • Question 34:

    You are working as an independent computer forensics investigator and received a call from a systems administrator for a local school system requesting your assistance. One of the students at the local high school is suspected of downloading inappropriate images from the Internet to a PC in the Computer Lab. When you arrive at the school, the systems administrator hands you a hard drive and tells you that he made a "simple backup copy" of the hard drive in the PC and put it on this drive and requests that you examine the drive for evidence of the suspected images. You inform him that a "simple backup copy" will not provide deleted files or recover file fragments. What type of copy do you need to make to ensure that the evidence found is complete and admissible in future proceedings?

    A. Robust copy

    B. Incremental backup copy

    C. Bit-stream copy

    D. Full backup copy

  • Question 35:

    Which of the following commands shows you the username and IP address used to access the system via a remote login session and the type of client from which they are accessing the system?

    A. Net config

    B. Net sessions

    C. Net share

    D. Net stat

  • Question 36:

    Which of the following is a federal law enacted in the US to control the ways that financial institutions deal with the private information of individuals?

    A. SOX

    B. HIPAA 1996

    C. GLBA

    D. PCI DSS

  • Question 37:

    UEFI is a specification that defines a software interface between an OS and platform firmware. Where does this interface store information about files present on a disk?

    A. BIOS-MBR

    B. GUID Partition Table (GPT)

    C. Master Boot Record (MBR)

    D. BIOS Parameter Block

  • Question 38:

    A Linux system is undergoing investigation. In which directory should the investigators look for its current state data if the system is in a powered-on state?

    A. /auth

    B. /proc

    C. /var/log/debug

    D. /var/spool/cron/

  • Question 39:

    What is the purpose of using an obfuscator in malware?

    A. Execute malicious code in the system

    B. Avoid encryption while passing through a VPN

    C. Avoid detection by security mechanisms

    D. Propagate malware to other connected devices

  • Question 40:

    Where should the investigator look for the Edge browser's browsing records, including history, cache, and cookies?

    A. ESE Database

    B. Virtual Memory

    C. Sparse files

    D. Slack Space

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only EC-COUNCIL exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 312-49 exam preparation and EC-COUNCIL certification application, do not hesitate to visit Vcedump.com to find your solutions.