Download New Updated (July) ECCouncil 312-49 Actual Test 91-100

Ensurepass

 

QUESTION 91

Data files from original evidence should be used for forensics analysis

 

A.

True

B.

False

 

Correct Answer: B

 

 

QUESTION 92

Attacker uses vulnerabilities in the authentication or session management functions such as exposed accounts, session IDs, logout, password management, timeouts, remember me. secret question, account update etc. to impersonate users, if a user simply closes the browser without logging out from sites accessed through a public computer, attacker can use the same browser later and exploit the user’s privileges. Which of the following vulnerability/exploitation is referred above?

 

A.

Session ID in URLs

B.

Timeout Exploitation

C.

I/O exploitation

D.

Password Exploitation

 

Correct Answer: B

 

 

QUESTION 93

Mobile phone forensics is the science of recovering digital evidence from a mobile phone under forensically sound conditions.

 

A.

True

B.

False

 

Correct Answer: A

 

 

QUESTION 94

What is the first step that needs to be carried out to crack the password?

 

A.

A word list is created using a dictionary generator program or dictionaries

B.

The list of dictionary words is hashed or encrypted

C.

The hashed wordlist is compared against the target hashed password, generally one word at a time

D.

If it matches, that password has been cracked and the password cracker displays the unencrypted version of the password< /p>

 

Correct Answer: A

 

 

QUESTION 95

When a system is compromised, attackers often try to disable auditing, in Windows 7; modifications to the audit policy are recorded as entries of Event ID ____________.

 

A.

4902

B.

3902

C.

4904

D.

3904

 

Correct Answer: A

 

 

QUESTION 96

Which of the following commands shows you the NetBIOS name table each?

 

clip_image002

 

A.

Option A

B.

Option B

C.

Option C

D.

Option D

 

Correct Answer: A

 

 

 

 

 

QUESTION 97

Deposition enables opposing counsel to preview an expert witness’s testimony at trial. Which of the following deposition is not a standard practice?

 

A.

Both attorneys are present

B.

Only one attorneys is present

C.

No jury or judge

D.

Opposing counsel asks questions

 

Correct Answer: B

 

 

QUESTION 98

WPA2 provides enterprise and Wi-Fi users with stronger data protection and network access control which of the following encryption algorithm is used DVWPA2?

 

A.

RC4-CCMP

B.

RC4-TKIP

C.

AES-CCMP

D.

AES-TKIP

 

Correct Answer: C

 

 

QUESTION 99

When collecting evidence from the RAM, where do you look for data?

 

A.

Swap file

B.

SAM file

C.

Data file

D.

Log file

 

Correct Answer: A

 

 

QUESTION 100

Hard disk data addressing is a method of allotting addresses to each ___________ of data on a hard disk

 

A.

Physical block

B.

Logical block

C.

Operating system block

D.

Hard disk block

 

Correct Answer: A

 

Free VCE & PDF File for ECCouncil 312-49 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in 312-49 Real Tests (July) and tagged , , , , , , . Bookmark the permalink.