Black Friday Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sale65best

examstrack slider

How to Easily Pass the ECCouncil 312-49v9 Exam: Expert Advice

Questions 136

A forensic examiner is examining a Windows system seized from a crime scene. During the examination of a suspect file, he discovered that the file is password protected. He tried guessing the password using the suspect’s available information but without any success. Which of the following tool can help the investigator to solve this issue?

Options:

A.

Cain & Abel

B.

Xplico

C.

Recuva

D.

Colasoft’s Capsa

Buy Now
Questions 137

Which component in the hard disk moves over the platter to read and write information?

Options:

A.

Actuator

B.

Spindle

C.

Actuator Axis

D.

Head

Buy Now
Questions 138

Which of the following network attacks refers to sending huge volumes of email to an address in an attempt to overflow the mailbox or overwhelm the server where the email address is hosted so as to cause a denial-of-service attack?

Options:

A.

Email spamming

B.

Phishing

C.

Email spoofing

D.

Mail bombing

Buy Now
Questions 139

In which cloud crime do attackers try to compromise the security of the cloud environment in order to steal data or inject a malware?

Options:

A.

Cloud as an Object

B.

Cloud as a Tool

C.

Cloud as an Application

D.

Cloud as a Subject

Buy Now
Questions 140

Shane, a forensic specialist, is investigating an ongoing attack on a MySQL database server hosted on a Windows machine with SID “WIN-ABCDE12345F.” Which of the following log file will help Shane in tracking all the client connections and activities performed on the database server?

Options:

A.

WIN-ABCDE12345F.err

B.

WIN-ABCDE12345F-bin.n

C.

WIN-ABCDE12345F.pid

D.

WIN-ABCDE12345F.log

Buy Now
Questions 141

You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

Options:

A.

All three servers need to be placed internally

B.

A web server and the database server facing the Internet, an application server on the internal network

C.

A web server facing the Internet, an application server on the internal network, a database server on the internal network

D.

All three servers need to face the Internet so that they can communicate between themselves

Buy Now
Questions 142

Amber, a black hat hacker, has embedded malware into a small enticing advertisement and posted it on a popular ad-network that displays across various websites. What is she doing?

Options:

A.

Malvertising

B.

Compromising a legitimate site

C.

Click-jacking

D.

Spearphishing

Buy Now
Questions 143

After suspecting a change in MS-Exchange Server storage archive, the investigator has analyzed it. Which of the following components is not an actual part of the archive?

Options:

A.

PRIV.STM

B.

PUB.EDB

C.

PRIV.EDB

D.

PUB.STM

Buy Now
Questions 144

Buffer overflow vulnerability of a web application occurs when it fails to guard its buffer properly and allows writing beyond its maximum size. Thus, it overwrites the_________. There are multiple forms of buffer overflow, including a Heap Buffer Overflow and a Format String Attack.

Options:

A.

Adjacent memory locations

B.

Adjacent bit blocks

C.

Adjacent buffer locations

D.

Adjacent string locations

Buy Now
Questions 145

Which of these rootkit detection techniques function by comparing a snapshot of the file system, boot records, or memory with a known and trusted baseline?

Options:

A.

Signature-Based Detection

B.

Integrity-Based Detection

C.

Cross View-Based Detection

D.

Heuristic/Behavior-Based Detection

Buy Now
Questions 146

> NMAP -sn 192.168.11.200-215 The NMAP command above performs which of the following?

Options:

A.

A trace sweep

B.

A port scan

C.

A ping scan

D.

An operating system detect

Buy Now
Questions 147

Rusty, a computer forensics apprentice, uses the command nbtstat –c while analyzing the network information in a suspect system. What information is he looking for?

Options:

A.

Contents of the network routing table

B.

Status of the network carrier

C.

Contents of the NetBIOS name cache

D.

Network connections

Buy Now
Questions 148

In which registry does the system store the Microsoft security IDs?

Options:

A.

HKEY_CLASSES_ROOT (HKCR)

B.

HKEY_CURRENT_CONFIG (HKCC)

C.

HKEY_CURRENT_USER (HKCU)

D.

HKEY_LOCAL_MACHINE (HKLM)

Buy Now
Questions 149

What is the purpose of using Obfuscator in malware?

Options:

A.

Execute malicious code in the system

B.

Avoid encryption while passing through a VPN

C.

Avoid detection by security mechanisms

D.

Propagate malware to other connected devices

Buy Now
Questions 150

Which of the following information is displayed when Netstat is used with -ano switch?

Options:

A.

Ethernet statistics

B.

Contents of IP routing table

C.

Details of routing table

D.

Details of TCP and UDP connections

Buy Now
Exam Code: 312-49v9
Exam Name: Computer Hacking Forensic Investigator (v9)
Last Update: Dec 2, 2024
Questions: 589

PDF + Testing Engine

$164.99
$57.75

Testing Engine

$124.99
$43.75

PDF (Q&A)

$104.99
$36.75