John and Hillary works at the same department in the company. John wants to find out Hillary's network password so he can take a look at her documents on the file server. He enables Lophtcrack program to sniffing mode. John sends Hillary an email with a link to Error! Reference source not found.
What information will he be able to gather from this?
A. The SAM file from Hillary computerYou are a computer forensics investigator working with local police department and you are called to assist in an investigation of threatening emails. The complainant has printer out 27 email messages from the suspect and gives the printouts to you. You inform her that you will need to examine her computer because you need access to the ______________ in order to track the emails back to the suspect.
A. Routing TableYou are working in the security Department of law firm. One of the attorneys asks you about the topic of sending fake email because he has a client who has been charged with doing just that. His client alleges that he is innocent and that there is no way for a fake email to actually be sent. You inform the attorney that his client is mistaken and that fake email is possibility and that you can prove it. You return to your desk and craft a fake email to the attorney that appears to come from his boss. What port do you send the email to on the company SMTP server?
A. 10What is kept in the following directory? HKLM\SECURITY\Policy\Secrets
A. Service account passwords in plain textWhat is the advantage in encrypting the communication between the agent and the monitor in an Intrusion Detection System?
A. Encryption of agent communications will conceal the presence of the agentsYou are assisting a Department of Defense contract company to become compliant with the stringent security policies set by the DoD. One such strict rule is that firewalls must only allow incoming connections that were first initiated by internal computers. What type of firewall must you implement to abide by this policy?
A. Circuit-level proxy firewallWhen using Windows acquisitions tools to acquire digital evidence, it is important to use a well- tested hardware write-blocking device to:
A. Automate Collection from image filesE-mail logs contain which of the following information to help you in your investigation? (Select up to 4) A. user account that was used to send the account
B. attachments sent with the e-mail messageIf you discover a criminal act while investigating a corporate policy abuse, it becomes a public- sector investigation and should be referred to law enforcement?
A. trueWhen cataloging digital evidence, the primary goal is to:
A. Make bit-stream images of all hard drivesNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.