Which of the following attacks allows an attacker to access restricted directories, including application source code, configuration and critical system files, and to execute commands outside of the web server's root directory?
A. Unvalidated inputAttacker uses vulnerabilities in the authentication or session management functions such as exposed accounts, session IDs, logout, password management, timeouts, remember me. secret question, account update etc. to impersonate users, if a user simply closes the browser without logging out from sites accessed through a public computer, attacker can use the same browser later and exploit the user's privileges.
Which of the following vulnerability/exploitation is referred above?
A. Session ID in URLsDepending upon the Jurisdictional areas, different laws apply to different incidents. Which of the following law is related to fraud and related activity in connection with computers?
A. 18 USC 7029In a digital forensics investigation involving a data breach at a large corporation, the lead investigator is preparing to obtain a search warrant for seizing potential evidence. She needs to decide which type of warrant is appropriate, given that the main suspect's activities appear to have involved significant online communication and data transfer.
Which of the following actions should she take?
A. Obtain a service provider search warrant to access the suspect's online communication recordsWhen a user deletes a file or folder, the system stores complete path including the original filename is a special hidden file called "INFO2" in the Recycled folder. If the INFO2 file is deleted, it is recovered when you ______________________.
A. Undo the last action performed on the systemWindows Security Event Log contains records of login/logout activity or other security- related events specified by the system's audit policy. What does event ID 531 in Windows Security Event Log indicates?
A. A user successfully logged on to a computerSimon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the axfr and ixfr commands using DIG.
What is Simon trying to accomplish here?
A. Send DOS commands to crash the DNS serversYou have been called in to help with an investigation of an alleged network intrusion. After questioning the members of the company IT department, you search through the server log files to find any trace of the intrusion. After that you decide to telnet into one of the company routers to see if there is any evidence to be found. While connected to the router, you see some unusual activity and believe that the attackers are currently connected to that router. You start up an ethereal session to begin capturing traffic on the router that could be used in the investigation.
At what layer of the OSI model are you monitoring while watching traffic to and from the router?
A. NetworkWhich of the following options will help users to enable or disable the last access time on a system running Windows 10 OS?
A. wmic serviceThis is the original file structure database that Microsoft originally designed for floppy disks. It is written to the outermost track of a disk and contains information about each file stored on the drive.
A. Master Boot Record (MBR)Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.