Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

How to Easily Pass the ECCouncil 312-49v9 Exam: Expert Advice

Questions 151

Data Files contain Multiple Data Pages, which are further divided into Page Header, Data Rows, and Offset Table. Which of the following is true for Data Rows?

Options:

A.

Data Rows store the actual data

B.

Data Rows present Page type. Page ID, and so on

C.

Data Rows point to the location of actual data

D.

Data Rows spreads data across multiple databases

Buy Now
Questions 152

Which of the following Android libraries are used to render 2D (SGL) or 3D (OpenGL/ES) graphics content to the screen?

Options:

A.

OpenGL/ES and SGL

B.

Surface Manager

C.

Media framework

D.

WebKit

Buy Now
Questions 153

In Windows, prefetching is done to improve system performance. There are two types of prefetching: boot prefetching and application prefetching. During boot prefetching, what does the Cache Manager do?

Options:

A.

Determines the data associated with value EnablePrefetcher

B.

Monitors the first 10 seconds after the process is started

C.

Checks whether the data is processed

D.

Checks hard page faults and soft page faults

Buy Now
Questions 154

%3cscript%3ealert(”XXXXXXXX”)%3c/script%3e is a script obtained from a Cross-Site Scripting attack. What type of encoding has the attacker employed?

Options:

A.

Double encoding

B.

Hex encoding

C.

Unicode

D.

Base64

Buy Now
Questions 155

What is the framework used for application development for iOS-based mobile devices?

Options:

A.

Cocoa Touch

B.

Dalvik

C.

Zygote

D.

AirPlay

Buy Now
Questions 156

Gill is a computer forensics investigator who has been called upon to examine a seized computer. This computer, according to the police, was used by a hacker who gained access to numerous banking institutions to steal customer information. After preliminary investigations, Gill finds in the computer’s log files that the hacker was able to gain access to these banks through the use of Trojan horses. The hacker then used these Trojan horses to obtain remote access to the companies’ domain controllers. From this point, Gill found that the hacker pulled off the SAM files from the domain controllers to then attempt and crack network passwords. What is the most likely password cracking technique used by this hacker to break the user passwords from the SAM files?

Options:

A.

Syllable attack

B.

Hybrid attack

C.

Brute force attack

D.

Dictionary attack

Buy Now
Questions 157

What does the command “C:\>wevtutil gl ” display?

Options:

A.

Configuration information of a specific Event Log

B.

Event logs are saved in .xml format

C.

Event log record structure

D.

List of available Event Logs

Buy Now
Questions 158

Which type of attack is possible when attackers know some credible information about the victim's password, such as the password length, algorithms involved, or the strings and characters used in its creation?

Options:

A.

Rule-Based Attack

B.

Brute-Forcing Attack

C.

Dictionary Attack

D.

Hybrid Password Guessing Attack

Buy Now
Questions 159

Report writing is a crucial stage in the outcome of an investigation. Which information should not be included in the report section?

Options:

A.

Speculation or opinion as to the cause of the incident

B.

Purpose of the report

C.

Author of the report

D.

Incident summary

Buy Now
Questions 160

NTFS sets a flag for the file once you encrypt it and creates an EFS attribute where it stores Data Decryption Field (DDF) and Data Recovery Field (DDR). Which of the following is not a part of DDF?

Options:

A.

Encrypted FEK

B.

Checksum

C.

EFS Certificate Hash

D.

Container Name

Buy Now
Questions 161

Which of the following setups should a tester choose to analyze malware behavior?

Options:

A.

A virtual system with internet connection

B.

A normal system without internet connect

C.

A normal system with internet connection

D.

A virtual system with network simulation for internet connection

Buy Now
Questions 162

An International Mobile Equipment Identifier (IMEI) is a 15-digit number that indicates the manufacturer, model type, and country of approval for GSM devices. The first eight digits of an IMEI number that provide information about the model and origin of the mobile device is also known as:

Options:

A.

Type Allocation Code (TAC)

B.

Integrated Circuit Code (ICC)

C.

Manufacturer Identification Code (MIC)

D.

Device Origin Code (DOC)

Buy Now
Questions 163

What do you call the process of studying the changes that have taken place across a system or a machine after a series of actions or incidents?

Options:

A.

Windows Services Monitoring

B.

System Baselining

C.

Start-up Programs Monitoring

D.

Host integrity Monitoring

Buy Now
Questions 164

Which among the following tools can help a forensic investigator to access the registry files during postmortem analysis?

Options:

A.

RegistryChangesView

B.

RegDIIView

C.

RegRipper

D.

ProDiscover

Buy Now
Questions 165

An investigator has extracted the device descriptor for a 1GB thumb drive that looks like: Disk&Ven_Best_Buy&Prod_Geek_Squad_U3&Rev_6.15. What does the “Geek_Squad” part represent?

Options:

A.

Product description

B.

Manufacturer Details

C.

Developer description

D.

Software or OS used

Buy Now
Exam Code: 312-49v9
Exam Name: Computer Hacking Forensic Investigator (v9)
Last Update: Dec 14, 2024
Questions: 589

PDF + Testing Engine

$164.99
$66

Testing Engine

$124.99
$50

PDF (Q&A)

$104.99
$42