Free ECCouncil 312-49v10 Practice Exam with Questions & Answers | Set: 13

John is working on his company policies and guidelines. The section he is currently working on covers company documents; how they should be handled, stored, and eventually destroyed. John is concerned about the process whereby outdated documents are destroyed. What type of shredder should John write in the guidelines to be used when destroying documents?

Travis, a computer forensics investigator, is finishing up a case he has been working on for over a month involving copyright infringement and embezzlement. His last task is to prepare an investigative report for the president of the company he has been working for. Travis must submit a hard copy and an electronic copy to this president. In what electronic format should Travis send this report?

Ivanovich, a forensics investigator, is trying to extract complete information about running processes from a system. Where should he look apart from the RAM and virtual memory?

Which among the following files provides email header information in the Microsoft Exchange server?

Amber, a black hat hacker, has embedded a malware into a small enticing advertisement and posted it on a popular ad-network that displays across various websites. What is she doing?

In handling computer-related incidents, which IT role should be responsible for recovery, containment, and prevention to constituents?

Which of the following tool can the investigator use to analyze the network to detect Trojan activities?

NTFS has reduced slack space than FAT, thus having lesser potential to hide data in the slack space. This is because:

Where are files temporarily written in Unix when printing?

After attending a CEH security seminar, you make a list of changes you would like to perform on your network to increase its security. One of the first things you change is to switch the RestrictAnonymous setting from 0 to 1 on your servers. This, as you were told, would prevent anonymous users from establishing a null session on the server. Using Userinfo tool mentioned at the seminar, you succeed in establishing a null session with one of the servers. Why is that?

What advantage does the tool Evidor have over the built-in Windows search?

Why would you need to find out the gateway of a device when investigating a wireless attack?

What hashing method is used to password protect Blackberry devices?

Which of the following options will help users to enable or disable the last access time on a system running Windows 10 OS?

The investigator wants to examine changes made to the system’s registry by the suspect program. Which of the following tool can help the investigator?