Consistency in the investigative report is more important than the exact format in the report to eliminate uncertainty and confusion.
A. True
B. False
All the information about user activity on the network, such as details about login and logoff attempts, is collected in the security log of the computer. When a user's login is successful, successful audits generate an entry, whereas unsuccessful audits generate an entry for failed login attempts in the logon event ID table.
In the logon event ID table, which event ID entry (number) represents a successful logging on to a computer?
A. 528
B. 529
C. 530
D. 531
In Windows 7 system files, which file reads the Boot.ini file and loads Ntoskrnl.exe, Bootvid.dll, Hal.dll, and boot-start device drivers?
A. Ntldr
B. Gdi32.dll
C. Kernel32.dll
D. Boot.in
Event correlation is a procedure that assigns a new meaning to a set of events that occur in a predefined interval of time.
Which type of correlation will you use if your organization wants to use different OS and network hardware platforms throughout the network?
A. Same-platform correlation
B. Cross-platform correlation
C. Multiple-platform correlation
D. Network-platform correlation
Jason, a renowned forensic investigator, is investigating a network attack that resulted in the compromise of several systems in a reputed multinational's network. He started Wireshark to capture the network traffic. Upon investigation, he found that the DNS packets travelling across the network belonged to a non-company configured IP. Which of the following attacks can Jason infer from his findings?
A. DNS Poisoning
B. Cookie Poisoning Attack
C. DNS Redirection
D. Session poisoning
Which of the following standards is based on a legal precedent regarding the admissibility of scientific examinations or experiments in legal cases?
A. Daubert Standard
B. Schneiderman Standard
C. Frye Standard
D. FERPA Standard
Ron, a computer forensics expert, is investigating a case involving corporate espionage. He has recovered several mobile computing devices from the crime scene. One of the pieces of evidence that Ron possesses is a Nokia mobile phone that was left in the on condition. Ron needs to recover the IMEI number of the device to establish the identity of the device owner. Which of the following key combinations can he use to recover the IMEI number?
A. #*06*#
B. *#06#
C. #06r
D. *1MEI#
Which device in a wireless local area network (WLAN) determines the next network point to which a packet should be forwarded toward its destination?
A. Wireless router
B. Wireless modem
C. Antenna
D. Mobile station
Physical security recommendations: There should be only one entrance to a forensics lab.
A. True
B. False
First response to an incident may involve three different groups of people, and each will have differing skills and need to carry out differing tasks based on the incident. Who is responsible for collecting, preserving, and packaging electronic evidence?
A. System administrators
B. Local managers or other non-forensic staff
C. Forensic laboratory staff
D. Lawyers