NetApp New Release 312-49V8 Questions & Answers

• Question 161:

  When a file or folder is deleted, the complete path, including the original file name, is stored in a special hidden file called "INF02" in the Recycled folder. If the INF02 file is deleted, it is re-created when you___________.

  A. Restart Windows

  B. Kill the running processes in Windows task manager

  C. Run the antivirus tool on the system

  D. Run the anti-spyware tool on the system

  Correct Answer: A

• Question 162:

  What is cold boot (hard boot)?

  A. It is the process of starting a computer from a powered-down or off state

  B. It is the process of restarting a computer that is already turned on through the operating system

  C. It is the process of shutting down a computer from a powered-on or on state

  D. It is the process of restarting a computer that is already in sleep mode

  Correct Answer: A

• Question 163:

  File deletion is a way of removing a file from a computer's file system. What happens when a file is deleted in windows7?

  A. The last letter of a file name is replaced by a hex byte code E5h

  B. The operating system marks the file's name in the MFT with a special character that indicates that the file has been deleted

  C. Corresponding clusters in FAT are marked as used

  D. The computer looks at the clusters occupied by that file and does not avails space to store a new file

  Correct Answer: B

• Question 164:

  Which of the following statements does not support the case assessment?

  A. Review the case investigator's request for service

  B. Identify the legal authority for the forensic examination request

  C. Do not document the chain of custody

  D. Discuss whether other forensic processes need to be performed on the evidence

  Correct Answer: C

• Question 165:

  Wireless access control attacks aim to penetrate a network by evading WLAN access control measures, such as AP MAC filters and Wi-Fi port access controls.

  Which of the following wireless access control attacks allows the attacker to set up a rogue access point outside the corporate perimeter, and then lure the employees of the organization to connect to it?

  A. War driving

  B. Rogue access points

  C. MAC spoofing

  D. Client mis-association

  Correct Answer: D

• Question 166:

  Determine the message length from following hex viewer record: A. 6E2F

  

  B. 13

  C. 27

  D. 810D

  Correct Answer: D

• Question 167:

  TCP/IP (Transmission Control Protocol/Internet Protocol) is a communication protocol used to connect different hosts in the Internet. It contains four layers, namely the network interface layer. Internet layer, transport layer, and application layer.

  Which of the following protocols works under the transport layer of TCP/IP?

  A. UDP

  B. HTTP

  C. FTP

  D. SNMP

  Correct Answer: A

• Question 168:

  In which step of the computer forensics investigation methodology would you run MD5 checksum on the evidence?

  A. Obtain search warrant

  B. Evaluate and secure the scene

  C. Collect the evidence

  D. Acquire the data

  Correct Answer: D

• Question 169:

  Network forensics allows Investigators to inspect network traffic and logs to identify and locate the attack system

  Network forensics can reveal: (Select three answers)

  A. Source of security incidents' and network attacks

  B. Path of the attack

  C. Intrusion techniques used by attackers

  D. Hardware configuration of the attacker's system

  Correct Answer: ABC

• Question 170:

  FAT32 is a 32-bit version of FAT file system using smaller clusters and results in efficient storage capacity. What is the maximum drive size supported?

  A. 1 terabytes

  B. 2 terabytes

  C. 3 terabytes

  D. 4 terabytes

  Correct Answer: B