Black Friday Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sale65best

examstrack slider

How to Easily Pass the ECCouncil 312-49v9 Exam: Expert Advice

Questions 76

What type of equipment would a forensics investigator store in a StrongHold bag?

Options:

A.

PDAPDA?

B.

Backup tapes

C.

Hard drives

D.

Wireless cards

Buy Now
Questions 77

An executive has leaked the company trade secrets through an external drive. What process should the investigation team take if they could retrieve his system?

Options:

A.

Postmortem Analysis

B.

Real-Time Analysis

C.

Packet Analysis

D.

Malware Analysis

Buy Now
Questions 78

Stephen is checking an image using Compare Files by The Wizard, and he sees the file signature is shown as FF D8 FF E1. What is the file type of the image?

Options:

A.

gif

B.

bmp

C.

jpeg

D.

png

Buy Now
Questions 79

Paul is a computer forensics investigator working for Tyler & Company Consultants. Paul has been called upon to help investigate a computer hacking ring broken up by the local police. Paul begins to inventory the PCs found in the hackers hideout. Paul then comes across a PDA left by them that is attached to a number of different peripheral devices. What is the first step that Paul must take with the PDA to ensure the integrity of the investigation?

Options:

A.

Place PDA, including all devices, in an antistatic bag

B.

Unplug all connected devices

C.

Power off all devices if currently on

D.

Photograph and document the peripheral devices

Buy Now
Questions 80

A picture file is recovered from a computer under investigation. During the investigation process, the file is enlarged 500% to get a better view of its contents. The picture quality is not degraded at all from this process. What kind of picture is this file. What kind of picture is this file?

Options:

A.

Raster image

B.

Vector image

C.

Metafile image

D.

Catalog image

Buy Now
Questions 81

In handling computer-related incidents, which IT role should be responsible for recovery, containment, and prevention to constituents?

Options:

A.

Security Administrator

B.

Network Administrator

C.

Director of Information Technology

D.

Director of Administration

Buy Now
Questions 82

An on-site incident response team is called to investigate an alleged case of computer tampering within their company. Before proceeding with the investigation, the CEO informs them that the incident will be classified as low level. How long will the team have to respond to the incident?

Options:

A.

One working day

B.

Two working days

C.

Immediately

D.

Four hours

Buy Now
Questions 83

When investigating a wireless attack, what information can be obtained from the DHCP logs?

Options:

A.

The operating system of the attacker and victim computers

B.

IP traffic between the attacker and the victim

C.

MAC address of the attacker

D.

If any computers on the network are running in promiscuous mode

Buy Now
Questions 84

What technique used by Encase makes it virtually impossible to tamper with evidence once it has been acquired?

Options:

A.

Every byte of the file(s) is given an MD5 hash to match against a master file

B.

Every byte of the file(s) is verified using 32-bit CRC

C.

Every byte of the file(s) is copied to three different hard drives

D.

Every byte of the file(s) is encrypted using three different methods

Buy Now
Questions 85

What must an investigator do before disconnecting an iPod from any type of computer?

Options:

A.

Unmount the iPod

B.

Mount the iPod

C.

Disjoin the iPod

D.

Join the iPod

Buy Now
Questions 86

Which of the following stages in a Linux boot process involve initialization of the system’s hardware?

Options:

A.

BIOS Stage

B.

Bootloader Stage

C.

BootROM Stage

D.

Kernel Stage

Buy Now
Questions 87

Tyler is setting up a wireless network for his business that he runs out of his home. He has followed all the directions from the ISP as well as the wireless router manual. He does not have any encryption set and the SSID is being broadcast. On his laptop, he can pick up the wireless signal for short periods of time, but then the connection drops and the signal goes away.

Eventually the wireless signal shows back up, but drops intermittently. What could be Tyler issue with his home wireless network?

Options:

A.

Computers on his wired network

B.

Satellite television

C.

2.4Ghz Cordless phones

D.

CB radio

Buy Now
Questions 88

A computer forensics investigator is inspecting the firewall logs for a large financial institution that has employees working 24 hours a day, 7 days a week.

312-49v9 Question 88

What can the investigator infer from the screenshot seen below?

Options:

A.

A smurf attack has been attempted

B.

A denial of service has been attempted

C.

Network intrusion has occurred

D.

Buffer overflow attempt on the firewall.

Buy Now
Questions 89

If a PDA is seized in an investigation while the device is turned on, what would be the proper procedure?

Options:

A.

Keep the device powered on

B.

Turn off the device immediately

C.

Remove the battery immediately

D.

Remove any memory cards immediately

Buy Now
Questions 90

Bob has encountered a system crash and has lost vital data stored on the hard drive of his Windows computer. He has no cloud storage or backup hard drives. he wants to recover all those data, which includes his personal photos, music, documents, videos, official email, etc. Which of the following tools shall resolve Bob’s purpose?

Options:

A.

Colasoft’s Capsa

B.

Recuva

C.

Cain & Abel

D.

Xplico

Buy Now
Exam Code: 312-49v9
Exam Name: Computer Hacking Forensic Investigator (v9)
Last Update: Dec 2, 2024
Questions: 589

PDF + Testing Engine

$164.99
$57.75

Testing Engine

$124.99
$43.75

PDF (Q&A)

$104.99
$36.75