Download Computer Hacking Forensic Investigator.312-49v10.VCEplus.2021-10-05.117q.vcex

Vendor: ECCouncil
Exam Code: 312-49v10
Exam Name: Computer Hacking Forensic Investigator
Date: Oct 05, 2021
File Size: 1 MB
Downloads: 1

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
What information do you need to recover when searching a victim’s computer for a crime committed with specific e-mail message?
  1. Internet service provider information
  2. E-mail header
  3. Username and password
  4. Firewall log
Correct answer: B
Question 2
Melanie was newly assigned to an investigation and asked to make a copy of all the evidence from the compromised system. Melanie did a DOS copy of all the files on the system. 
What would be the primary reason for you to recommend a disk imaging tool?
  1. A disk imaging tool would check for CRC32s for internal self-checking and validation and have MD5 checksum
  2. Evidence file format will contain case data entered by the examiner and encrypted at the beginning of the evidence file
  3. A simple DOS copy will not include deleted files, file slack and other information
  4. There is no case for an imaging tool as it will use a closed, proprietary format that if compared to the original will not match up sector for sector
Correct answer: C
Question 3
You are employed directly by an attorney to help investigate an alleged sexual harassment case at a large pharmaceutical manufacture. While at the corporate office of the company, the CEO demands to know the status of the investigation. What prevents you from discussing the case with the CEO?
  1. the attorney-work-product rule
  2. Good manners
  3. Trade secrets
  4. ISO 17799
Correct answer: A
Question 4
What is the investigator trying to analyze if the system gives the following image as output? 
  1. All the logon sessions
  2. Currently active logon sessions
  3. Inactive logon sessions
  4. Details of users who can logon
Correct answer: B
Question 5
This organization maintains a database of hash signatures for known software. 
  1. International Standards Organization
  2. Institute of Electrical and Electronics Engineers
  3. National Software Reference Library
  4. American National standards Institute
Correct answer: C
Question 6
The ____________________ refers to handing over the results of private investigations to the authorities because of indications of criminal activity.
  1. Locard Exchange Principle
  2. Clark Standard
  3. Kelly Policy
  4. Silver-Platter Doctrine
Correct answer: D
Question 7
You are working as Computer Forensics investigator and are called by the owner of an accounting firm to investigate possible computer abuse by one of the firm’s employees. You meet with the owner of the firm and discover that the company has never published a policy stating that they reserve the right to inspect their computing assets at will. What do you do?
  1. Inform the owner that conducting an investigation without a policy is not a problem because the company is privately owned
  2. Inform the owner that conducting an investigation without a policy is a violation of the 4th amendment
  3. Inform the owner that conducting an investigation without a policy is a violation of the employee’s expectation of privacy
  4. Inform the owner that conducting an investigation without a policy is not a problem because a policy is only necessary for government agencies
Correct answer: C
Question 8
During the course of a corporate investigation, you find that an Employee is committing a crime. 
Can the Employer file a criminal complaint with Police?
  1. Yes, and all evidence can be turned over to the police
  2. Yes, but only if you turn the evidence over to a federal law enforcement agency
  3. No, because the investigation was conducted without following standard police procedures
  4. No, because the investigation was conducted without warrant
Correct answer: A
Question 9
____________________ is simply the application of Computer Investigation and analysis techniques in the interests of determining potential legal evidence.
  1. Network Forensics
  2. Computer Forensics
  3. Incident Response
  4. Event Reaction
Correct answer: B
Question 10
What is the name of the Standard Linux Command that is also available as windows application that can be used to create bit-stream images?
  1. mcopy
  2. image
  3. MD5
  4. dd
Correct answer: D

Use VCE Exam Simulator to open VCE files


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!