Law enforcement officers are conducting a legal search for which a valid warrant was obtaineD. While conducting the search, officers observe an item of evidence for an unrelated crime that was not included in the warrant. The item was clearly visible to the officers and immediately identified as evidence. What is the term used to describe how this evidence is admissible?
A. Plain view doctrine
B. Corpus delicti
C. Locard Exchange Principle
D. Ex Parte Order
The efforts to obtain information before a trail by demanding documents, depositions, questioned and answers written under oath, written requests for admissions of fact and examination of the scene is a description of what legal term?
A. Detection
B. Hearsay
C. Spoliation
D. Discovery
The rule of thumb when shutting down a system is to pull the power plug. However, it has certain drawbacks. Which of the following would that be?
A. Any data not yet flushed to the system will be lost
B. All running processes will be lost
C. The /tmp directory will be flushed
D. Power interruption will corrupt the pagefile
You are a computer forensics investigator working with local police department and you are called to assist in an investigation of threatening emails. The complainant has printer out 27 email messages from the suspect and gives the printouts to you. You inform her that you will need to examine her computer because you need access to the ______________ in order to track the emails back to the suspect.
A. Routing Table
B. Firewall log
C. Configuration files
D. Email Header
Hackers can gain access to Windows Registry and manipulate user passwords, DNS settings, access rights or others features that they may need in order to accomplish their objectives. One simple method for loading an application at startup is to add an entry (Key) to the following Registry Hive:
A. HKEY_LOCAL_MACHINEhardwarewindowsstart
B. HKEY_LOCAL_USERSSoftware|MicrosoftoldVersionLoad
C. HKEY_CURRENT_USERMicrosoftDefault
D. HKEY_LOCAL_MACHINESoftwareMicrosoftCurrentVersionRun
Which of the following filesystem is used by Mac OS X?
A. EFS
B. HFS+
C. EXT2
D. NFS
What term is used to describe a cryptographic technique for embedding information into something else for the sole purpose of hiding that information from the casual observer?
A. rootkit
B. key escrow
C. steganography
D. Offset
During the course of an investigation, you locate evidence that may prove the innocence of the suspect of the investigation. You must maintain an unbiased opinion and be objective in your entire fact finding process. Therefore you report this evidence. This type of evidence is known as:
A. Inculpatory evidence
B. mandatory evidence
C. exculpatory evidence
D. Terrible evidence
What binary coding is used most often for e-mail purposes?
A. MIME
B. Uuencode
C. IMAP
D. SMTP
If you discover a criminal act while investigating a corporate policy abuse, it becomes a public- sector investigation and should be referred to law enforcement?
A. true
B. false
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.