Free ECCouncil 312-49v10 Practice Exam with Questions & Answers

Name: How to Pass 312-49v10 Exams
Brand: Examstrack
SKU: 312-49v10
Price: 42 USD
Availability: InStock

Questions 1

Which part of the Windows Registry contains the user's password file?

Options:

HKEY_LOCAL_MACHINE

HKEY_CURRENT_CONFIGURATION

HKEY_USER

HKEY_CURRENT_USER

ECCouncil 312-49v10 Premium Access

Gracie

25-Apr-2025

examstrack.com promises guaranteed success, and they delivered. I aced my 312-49v10 certification!

Questions 2

From the following spam mail header, identify the host IP that sent this spam?

From jie02@netvigator.com jie02@netvigator.com Tue Nov 27 17:27:11 2001

Received: from viruswall.ie.cuhk.edu.hk (viruswall [137.189.96.52]) by eng.ie.cuhk.edu.hk

(8.11.6/8.11.6) with ESMTP id

fAR9RAP23061 for ; Tue, 27 Nov 2001 17:27:10 +0800 (HKT)

Received: from mydomain.com (pcd249020.netvigator.com [203.218.39.20]) by

viruswall.ie.cuhk.edu.hk (8.12.1/8.12.1)

with SMTP id fAR9QXwZ018431 for ; Tue, 27 Nov 2001 17:26:36 +0800 (HKT)

Message-Id: >200111270926.fAR9QXwZ018431@viruswall.ie.cuhk.edu.hk

From: "china hotel web"

To: "Shlam"

Subject: SHANGHAI (HILTON HOTEL) PACKAGE

Date: Tue, 27 Nov 2001 17:25:58 +0800 MIME-Version: 1.0

X-Priority: 3 X-MSMail-

Priority: Normal

Reply-To: "china hotel web"

Options:

137.189.96.52

8.12.1.0

203.218.39.20

203.218.39.50

Questions 3

What file structure database would you expect to find on floppy disks?

Options:

NTFS

FAT32

FAT16

FAT12

Questions 4

When a file is deleted by Windows Explorer or through the MS-DOS delete command, the operating system inserts _______________ in the first letter position of the filename in the FAT database.

Options:

A Capital X

A Blank Space

The Underscore Symbol

The lowercase Greek Letter Sigma (s)

Questions 5

You are using DriveSpy, a forensic tool and want to copy 150 sectors where the starting sector is 1709 on the primary hard drive. Which of the following formats correctly specifies these sectors?

Options:

0:1000, 150

0:1709, 150

1:1709, 150

0:1709-1858

Questions 6

A suspect is accused of violating the acceptable use of computing resources, as he has visited adult websites and downloaded images. The investigator wants to demonstrate that the suspect did indeed visit these sites. However, the suspect has cleared the search history and emptied the cookie cache. Moreover, he has removed any images he might have downloaded. What can the investigator do to prove the violation?

Options:

Image the disk and try to recover deleted files

Seek the help of co-workers who are eye-witnesses

Check the Windows registry for connection data (you may or may not recover)

Approach the websites for evidence

Questions 7

The objective of this act was to protect consumers’ personal financial information held by financial institutions and their service providers.

Options:

Gramm-Leach-Bliley Act

Sarbanes-Oxley 2002

California SB 1386

HIPAA

Questions 8

What is the following command trying to accomplish?

Options:

Verify that UDP port 445 is open for the 192.168.0.0 network

Verify that TCP port 445 is open for the 192.168.0.0 network

Verify that NETBIOS is running for the 192.168.0.0 network

Verify that UDP port 445 is closed for the 192.168.0.0 network

Questions 9

When you carve an image, recovering the image depends on which of the following skills?

Options:

Recognizing the pattern of the header content

Recovering the image from a tape backup

Recognizing the pattern of a corrupt file

Recovering the image from the tape backup

Questions 10

Under which Federal Statutes does FBI investigate for computer crimes involving e-mail scams and mail fraud?

Options:

18 U.S.C. 1029 Possession of Access Devices

18 U.S.C. 1030 Fraud and related activity in connection with computers

18 U.S.C. 1343 Fraud by wire, radio or television

18 U.S.C. 1361 Injury to Government Property

18 U.S.C. 1362 Government communication systems

18 U.S.C. 1831 Economic Espionage Act

18 U.S.C. 1832 Trade Secrets Act

Questions 11

Diskcopy is:

Options:

a utility by AccessData

a standard MS-DOS command

Digital Intelligence utility

dd copying tool

Questions 12

Harold wants to set up a firewall on his network but is not sure which one would be the most appropriate. He knows he needs to allow FTP traffic to one of the servers on his network, but he wants to only allow FTP-PUT. Which firewall would be most appropriate for Harold? needs?

Options:

Circuit-level proxy firewall

Packet filtering firewall

Application-level proxy firewall

Data link layer firewall

Questions 13

When obtaining a warrant, it is important to:

Options:

particularlydescribe the place to be searched and particularly describe the items to be seized

generallydescribe the place to be searched and particularly describe the items to be seized

generallydescribe the place to be searched and generally describe the items to be seized

particularlydescribe the place to be searched and generally describe the items to be seized

Questions 14

When cataloging digital evidence, the primary goal is to

Options:

Make bit-stream images of all hard drives

Preserve evidence integrity

Not remove the evidence from the scene

Not allow the computer to be turned off

Questions 15

To make sure the evidence you recover and analyze with computer forensics software can be admitted in court, you must test and validate the software. What group is actively providing tools and creating procedures for testing and validating computer forensics software?

Options:

Computer Forensics Tools and Validation Committee (CFTVC)

Association of Computer Forensics Software Manufactures (ACFSM)

National Institute of Standards and Technology (NIST)

Society for Valid Forensics Tools and Testing (SVFTT)