2022 Updated Verified Pass 312-49v10 Study Guides & Best Courses
NEW QUESTION 261
What does the 56.58.152.114(445) denote in a Cisco router log?
Jun 19 23:25:46.125 EST: %SEC-4-IPACCESSLOGP: list internet-inbound denied udp 67.124.115.35(8084) -> 56.58.152.114(445), 1 packet
- A. None of the above
- B. Source IP address
- C. Destination IP address
- D. Login IP address
Answer: C
NEW QUESTION 262
Using Internet logging software to investigate a case of malicious use of computers, the investigator comes across some entries that appear odd.
From the log, the investigator can see where the person in question went on the Internet. From the log, it appears that the user was manually typing in different user ID numbers. What technique was this user trying?
- A. Parameter tampering
- B. SQL injection
- C. Cookie Poisoning
- D. Cross site scripting
Answer: A
NEW QUESTION 263
Which among the following search warrants allows the first responder to search and seize the victim's computer components such as hardware, software, storage devices, and documentation?
- A. John Doe Search Warrant
- B. Electronic Storage Device Search Warrant
- C. Citizen Informant Search Warrant
- D. Service Provider Search Warrant
Answer: B
NEW QUESTION 264
An "idle" system is also referred to as what?
- A. Bot
- B. PC not being used
- C. PC not connected to the Internet
- D. Zombie
Answer: D
NEW QUESTION 265
You are trying to locate the Microsoft Outlook Web Access Default Portal using Google search on the Internet. What search string will you use to locate it?
- A. locate:"logon page"
- B. intitle:"exchange server"
- C. outlook:"search"
- D. allinurl:"exchange/logon.asp"
Answer: D
NEW QUESTION 266
The offset in a hexadecimal code is:
- A. The 0x at the end of the code
- B. The 0x at the beginning of the code
- C. The first byte after the colon
- D. The last byte after the colon
Answer: B
NEW QUESTION 267
Which among the following is an act passed by the U.S. Congress in 2002 to protect investors from the possibility of fraudulent accounting activities by corporations?
- A. HIPAA
- B. GLBA
- C. SOX
- D. FISMA
Answer: C
NEW QUESTION 268
In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personally identifiable information from victims. What is the difference between pharming and phishing attacks?
- A. In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual website's domain name
- B. Both pharming and phishing attacks are identical
- C. In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual website's domain name
- D. Both pharming and phishing attacks are purely technical and are not considered forms of social engineering
Answer: A
NEW QUESTION 269
%3cscript%3ealert("XXXXXXXX")%3c/script%3e is a script obtained from a Cross-Site Scripting attack. What type of encoding has the attacker employed?
- A. Double encoding
- B. Hex encoding
- C. Base64
- D. Unicode
Answer: B
NEW QUESTION 270
Which layer of iOS architecture should a forensics investigator evaluate to analyze services such as Threading, File Access, Preferences, Networking and high-level features?
- A. Core Services
- B. Media services
- C. Cocoa Touch
- D. Core OS
Answer: D
NEW QUESTION 271
Email archiving is a systematic approach to save and protect the data contained in emails so that it can be accessed fast at a later date. There are two main archive types, namely Local Archive and Server Storage Archive. Which of the following statements is correct while dealing with local archives?
- A. Local archives should be stored together with the server storage archives in order to be admissible in a court of law
- B. Local archives do not have evidentiary value as the email client may alter the message data
- C. Server storage archives are the server information and settings stored on a local system, whereas the local archives are the local email client information stored on the mail server
- D. It is difficult to deal with the webmail as there is no offline archive in most cases. So consult your counsel on the case as to the best way to approach and gain access to the required data on servers
Answer: D
NEW QUESTION 272
What method of copying should always be performed first before carrying out an investigation?
- A. System level copy
- B. Parity-bit copy
- C. MS-DOS disc copy
- D. Bit-stream copy
Answer: D
NEW QUESTION 273
You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?
- A. Polymorphic
- B. Transmorphic
- C. Oligomorphic
- D. Metamorphic
Answer: D
NEW QUESTION 274
Law enforcement officers are conducting a legal search for which a valid warrant was obtained.
While conducting the search, officers observe an item of evidence for an unrelated crime that was not included in the warrant. The item was clearly visible to the officers and immediately identified as evidence. What is the term used to describe how this evidence is admissible?
- A. Corpus delicti
- B. Locard Exchange Principle
- C. Ex Parte Order
- D. Plain view doctrine
Answer: D
NEW QUESTION 275
The use of warning banners helps a company avoid litigation by overcoming an employee's assumed __________________________ when connecting to the company's intranet, network or Virtual Private Network (VPN), and will allow the company's investigators to monitor, search and retrieve information stored within the network.
- A. Right to work
- B. Right to Internet Access
- C. Right of free speech
- D. Right of Privacy
Answer: D
NEW QUESTION 276
Jason is the security administrator of ACMA metal Corporation. One day he notices the company's Oracle database server has been compromised and the customer information along with financial data has been stolen. The financial loss will be in millions of dollars if the database gets into the hands of the competitors. Jason wants to report this crime to the law enforcement agencies immediately.
Which organization coordinates computer crimes investigations throughout the United States?
- A. Internet Fraud Complaint Center
- B. Local or national office of the U.S. Secret Service
- C. National Infrastructure Protection Center
- D. CERT Coordination Center
Answer: B
NEW QUESTION 277
Which of the following stages in a Linux boot process involves initialization of the system's hardware?
- A. Bootloader Stage
- B. BootROM Stage
- C. BIOS Stage
- D. Kernel Stage
Answer: C
NEW QUESTION 278
In Linux, what is the smallest possible shellcode?
- A. 24 bytes
- B. 8 bytes
- C. 80 bytes
- D. 800 bytes
Answer: A
NEW QUESTION 279
Tyler is setting up a wireless network for his business that he runs out of his home. He has followed all the directions from the ISP as well as the wireless router manual. He does not have any encryption set and the SSID is being broadcast. On his laptop, he can pick up the wireless signal for short periods of time, but then the connection drops and the signal goes away. Eventually the wireless signal shows back up, but drops intermittently. What could be Tyler's issue with his home wireless network?
- A. Satellite television
- B. 2.4 GHz cordless phones
- C. Computers on his wired network
- D. CB radio
Answer: B
NEW QUESTION 280
During an investigation, an employee was found to have deleted harassing emails that were sent to someone else. The company was using Microsoft Exchange and had message tracking enabled. Where could the investigator search to find the message tracking log file on the Exchange server?
- A. C:\Program Files\Microsoft Exchange\srvr\servername.log
- B. C:\Program Files\Exchsrvr\servername.log
- C. C:\Exchsrvr\Message Tracking\servername.log
- D. D:\Exchsrvr\Message Tracking\servername.log
Answer: B
NEW QUESTION 281
Which of the following Perl scripts will help an investigator to access the executable image of a process?
- A. Lspm.pl
- B. Lspd.pl
- C. Lspi.pl
- D. Lpsi.pl
Answer: C
NEW QUESTION 282
An International Mobile Equipment Identifier (IMEI) is a 15-digit number that indicates the manufacturer, model type, and country of approval for GSM devices. The first eight digits of an IMEI number, which provide information about the model and origin of the mobile device, are also known as:
- A. Integrated Circuit Code (ICC)
- B. Device Origin Code (DOC)
- C. Type Allocation Code (TAC)
- D. Manufacturer Identification Code (MIC)
Answer: C
NEW QUESTION 283
......