EC-COUNCIL 312-49V10 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-49V10 Online Questions & Answers

• Question 511:

  Which of the following files store the MySQL database data permanently, including the data that had been deleted, helping the forensic investigator in examining the case and finding the culprit?

  A. mysql-bin
  B. mysql-log
  C. iblog
  D. ibdata1
  D. ibdata1

• Question 512:

  Click on the Exhibit button.

  To test your website for vulnerabilities, you type a quotation mark (') in the username field. After you click OK, you receive the following error message window:

  What can you infer from this error window?

  A. SQL injection is not possible
  B. SQL injection is possible
  C. The user for line 3306 in the SQL database has a weak password
  D. The quotation mark (') is a valid username
  B. SQL injection is possible

• Question 513:

  Maria has executed a suspicious executable file in a controlled environment and wants to see if the file adds/modifies any registry value after execution via Windows Event Viewer. Which of the following event ID should she look for in this scenario?

  A. Event ID 4657
  B. Event ID 4688
  C. Event ID 7040
  D. Event ID 4624
  A. Event ID 4657

• Question 514:

  Stephen is checking an image using Compare Files by The Wizard, and he sees the file signature is shown as FF D8 FF E1. What is the file type of the image?

  A. gif
  B. bmp
  C. jpeg
  D. png
  C. jpeg

• Question 515:

  Which of the following is not correct when documenting an electronic crime scene?

  A. Document the physical scene, such as the position of the mouse and the location of components near the system
  B. Document related electronic components that are difficult to find
  C. Record the condition of the computer system, storage media, electronic devices and conventional evidence, including power status of the computer
  D. Write down the color of shirt and pant the suspect was wearing
  D. Write down the color of shirt and pant the suspect was wearing

• Question 516:

  Which of the following is a federal law enacted in the US to control the ways that financial institutions deal with the private information of individuals?

  A. SOX
  B. HIPAA 1996
  C. GLBA
  D. PCI DSS
  C. GLBA

• Question 517:

  Jacob is a computer forensics investigator with over 10 years experience in investigations and has written over 50 articles on computer forensics. He has been called upon as a qualified witness to testify the accuracy and integrity of the technical log files gathered in an investigation into computer fraud.

  What is the term used for Jacob testimony in this case?

  A. Justification
  B. Authentication
  C. Reiteration
  D. Certification
  B. Authentication

• Question 518:

  What technique is used by JPEGs for compression?

  A. ZIP
  B. TCD
  C. DCT
  D. TIFF-8
  C. DCT

• Question 519:

  Which of the following statements is not a part of securing and evaluating electronic crime scene checklist?

  A. Locate and help the victim
  B. Transmit additional flash messages to other responding units
  C. Request additional help at the scene if needed
  D. Blog about the incident on the internet
  D. Blog about the incident on the internet

• Question 520:

  A CHFI is analyzing suspicious activity on a company's AWS account. She suspects an unauthorized user accessed and deleted a crucial bucketobject. To trace the potential perpetrator, she should primarily rely on the following:

  A. S3 Server Access logs to understand actions performed on a bucket object
  B. AWS CloudTrail logs to determine when and where the specific API calls were made
  C. Amazon CloudWatch logs to monitor system and application log data in real time
  D. Amazon VPC Flow Logs to scrutinize the IP traffic entering and leaving the specific VPC
  B. AWS CloudTrail logs to determine when and where the specific API calls were made