Exam Details

  • Exam Code: 312-49V9
  • Exam Name: ECCouncil Computer Hacking Forensic Investigator (V9)
  • Certification: Certified Ethical Hacker
  • Vendor: EC-COUNCIL
  • Total Questions: 486 Q&As
  • Last Updated: May 08, 2024

EC-COUNCIL Certified Ethical Hacker 312-49V9 Questions & Answers

  • Question 11:

    Why would a company issue a dongle with the software they sell?

    A. To provide source code protection

    B. To provide wireless functionality with the software

    C. To provide copyright protection

    D. To ensure that keyloggers cannot be used

  • Question 12:

    What is the target host IP in the following command? C:\> firewalk -F 80 10.10.150.1 172.16.28.95 -p UDP

    A. 10.10.150.1

    B. This command is using FIN packets, which cannot scan target hosts

    C. Firewalk does not scan target hosts

    D. 172.16.28.95

  • Question 13:

    George is the network administrator of a large Internet company on the west coast. Per corporate policy, none of the employees in the company are allowed to use FTP or SFTP programs without obtaining approval from the IT department. A few managers are using an SFTP program on their computers. Before talking to his boss, George wants to have some proof of their activity. George wants to use Ethereal to monitor network traffic, but only SFTP traffic to and from his network. What filter should George use in Ethereal?

    A. src port 23 and dst port 23

    B. src port 22 and dst port 22

    C. udp port 22 and host 172.16.28.1/24

    D. net port 22

  • Question 14:

    Corporate investigations are typically easier than public investigations because:

    A. the users have standard corporate equipment and software

    B. the investigator does not have to get a warrant

    C. the investigator has to get a warrant

    D. the users can load whatever they want on their machines

  • Question 15:

    What will the following Linux command accomplish? dd if=/dev/mem of=/home/sam/mem.bin bs=1024

    A. Copy the master boot record to a file

    B. Copy the contents of the system folder "mem" to a file

    C. Copy the running memory to a file

    D. Copy the memory dump file to an image file

  • Question 16:

    You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities:

    When you type this and click on search, you receive a pop-up window that says: "This is a test." What is the result of this test?

    A. Your website is vulnerable to SQL injection

    B. Your website is vulnerable to CSS

    C. Your website is vulnerable to web bugs

    D. Your website is not vulnerable

  • Question 17:

    What is the name of the standard Linux command that can be used to create bit-stream images?

    A. mcopy

    B. image

    C. MD5

    D. dd

  • Question 18:

    What method of computer forensics will allow you to trace all ever-established user accounts on a Windows 2000 server over the course of its lifetime?

    A. forensic duplication of hard drive

    B. analysis of volatile data

    C. comparison of MD5 checksums

    D. review of SIDs in the Registry

  • Question 19:

    A computer forensics investigator is inspecting the firewall logs for a large financial institution that has employees working 24 hours a day, 7 days a week.

    What can the investigator infer from the screenshot seen below?

    A. A smurf attack has been attempted

    B. A denial of service has been attempted

    C. Network intrusion has occurred

    D. Buffer overflow attempt on the firewall.

  • Question 20:

    What will the following command accomplish? C:\> nmap -v -sS -Po 172.16.28.251 - data_length 66000 packet_trace

    A. Test the ability of a router to handle under-sized packets

    B. Test ability of a router to handle over-sized packets

    C. Test the ability of a WLAN to handle fragmented packets

    D. Test the ability of a router to handle fragmented packets
