EC-COUNCIL 312-49V9 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-49V9 Online Questions & Answers

• Question 181:

  You have been given the task to investigate web attacks on a Windows-based server.

  Which of the following commands will you use to look at which sessions the machine has opened with other systems?

  A. Net sessions
  B. Net use
  C. Net config D. Net share
  B. Net use

• Question 182:

  What type of attack sends SYN requests to a target system with spoofed IP addresses?

  A. SYN flood
  B. Ping of death
  C. Cross site scripting
  D. Land
  A. SYN flood

• Question 183:

  In Linux, what is the smallest possible shellcode?

  A. 8 bytes
  B. 24 bytes
  C. 800 bytes
  D. 80 bytes
  B. 24 bytes

• Question 184:

  Which of the following file in Novel GroupWise stores information about user accounts?

  A. ngwguard.db
  B. gwcheck.db
  C. PRIV.EDB
  D. PRIV.STM
  A. ngwguard.db

• Question 185:

  A picture file is recovered from a computer under investigation. During the investigation process, the file is enlarged 500% to get a better view of its contents. The picture quality is not degraded at all from this process. What kind of picture is this file?its contents. The picture? quality is not degraded at all from this process. What kind of picture is this file?

  A. Raster image
  B. Vector image
  C. Metafile image
  D. Catalog image
  B. Vector image

• Question 186:

  Under confession, an accused criminal admitted to encrypting child pornography pictures and then hiding them within other pictures. What technique did the accused criminal employ?

  A. Typography
  B. Steganalysis
  C. Picture encoding
  D. Steganography
  D. Steganography

• Question 187:

  Which of the following statement is not correct when dealing with a powered-on computer at the crime scene?

  A. If a computer is switched on and the screen is viewable, record the programs running on screen and photograph the screen
  B. If a computer is on and the monitor shows some picture or screen saver, move the mouse slowly without depressing any mouse button and take a photograph of the screen and record the information displayed
  C. If a monitor is powered on and the display is blank, move the mouse slowly without depressing any mouse button and take a photograph
  D. If the computer is switched off. power on the computer to take screenshot of the desktop
  D. If the computer is switched off. power on the computer to take screenshot of the desktop

• Question 188:

  What is the CIDR from the following screenshot?

  

  A. /24A./24A./24
  B. /32 B./32 B./32
  C. /16 C./16 C./16
  D. /8D./8D./8
  D. /8D./8D./8

• Question 189:

  Injection flaws are web application vulnerabilities that allow untrusted data to be Interpreted and executed as part of a command or query. Attackers exploit injection flaws by constructing malicious commands or queries that result in data loss or corruption, lack of accountability, or denial of access. Which of the following injection flaws involves the injection of malicious code through a web application?

  A. SQL Injection
  B. Password brute force
  C. Nmap Scanning
  D. Footprinting
  A. SQL Injection

• Question 190:

  What is the First Step required in preparing a computer for forensics investigation?

  A. Do not turn the computer off or on, run any programs, or attempt to access data on a computer
  B. Secure any relevant media
  C. Suspend automated document destruction and recycling policies that may pertain to any relevant media or users at Issue
  D. Identify the type of data you are seeking, the Information you are looking for, and the urgency level of the examination
  A. Do not turn the computer off or on, run any programs, or attempt to access data on a computer