Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Computer Hacking Forensic Investigator (v9)

Last Update 14 hours ago Total Questions : 589

The Computer Hacking Forensic Investigator (v9) content is now fully updated, with all current exam questions added 14 hours ago. Deciding to include 312-49v9 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our 312-49v9 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these 312-49v9 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Computer Hacking Forensic Investigator (v9) practice test comfortably within the allotted time.

Question # 16

Graphics Interchange Format (GIF) is a ____ RGB bitmap image format for images with up to 256 distinct colors per frame.

A.

8-bit

B.

32-bit

C.

16-bit

D.

24-bit

Question # 17

What value of the " Boot Record Signature " is used to indicate that the boot-loader exists?

A.

AA55

B.

00AA

C.

AA00

D.

A100

Question # 18

Event correlation is the process of finding relevance between the events that produce a final result. What type of correlation will help an organization to correlate events across a set of servers, systems, routers and network?

A.

Same-platform correlation

B.

Network-platform correlation

C.

Cross-platform correlation

D.

Multiple-platform correlation

Question # 19

Travis, a computer forensics investigator, is finishing up a case he has been working on for over a month involving copyright infringement and embezzlement. His last task is to prepare an investigative report for the president of the company he has been working for. Travis must submit a hard copy and an electronic copy to this president. In what electronic format should Travis send this report?

A.

TIFF-8

B.

DOC

C.

WPD

D.

PDF

Question # 20

Lynne receives the following email:

Dear lynne@gmail.com! We are sorry to inform you that your ID has been temporarily frozen due to incorrect or missing information saved at 2016/11/10 20:40:24

You have 24 hours to fix this problem or risk to be closed permanently!

To proceed Please Connect > > My Apple ID

Thank You The link to My Apple ID shows http://byggarbetsplatsen.se/backup/signon/

What type of attack is this?

A.

Mail Bombing

B.

Phishing

C.

Email Spamming

D.

Email Spoofing

Question # 21

In which cloud crime do attackers try to compromise the security of the cloud environment in order to steal data or inject a malware?

A.

Cloud as an Object

B.

Cloud as a Tool

C.

Cloud as an Application

D.

Cloud as a Subject

Question # 22

Company ABC has employed a firewall, IDS, Antivirus, Domain Controller, and SIEM. The company’s domain controller goes down. From which system would you begin your investigation?

A.

Domain Controller

B.

Firewall

C.

SIEM

D.

IDS

Question # 23

Before performing a logical or physical search of a drive in Encase, what must be added to the program?

A.

File signatures

B.

Keywords

C.

Hash sets

D.

Bookmarks

Question # 24

During an investigation of an XSS attack, the investigator comes across the term “[a-zA-Z0-9\%]+” in analyzed evidence details. What is the expression used for?

A.

Checks for upper and lower-case alphanumeric string inside the tag, or its hex representation

B.

Checks for forward slash used in HTML closing tags, its hex or double-encoded hex equivalent

C.

Checks for opening angle bracket, its hex or double-encoded hex equivalent

D.

Checks for closing angle bracket, hex or double-encoded hex equivalent

Question # 25

What document does the screenshot represent?

A.

Expert witness form

B.

Search warrant form

C.

Chain of custody form

D.

Evidence collection form

Question # 26

In Windows, prefetching is done to improve system performance. There are two types of prefetching: boot prefetching and application prefetching. During boot prefetching, what does the Cache Manager do?

A.

Determines the data associated with value EnablePrefetcher

B.

Monitors the first 10 seconds after the process is started

C.

Checks whether the data is processed

D.

Checks hard page faults and soft page faults

Question # 27

You have been asked to investigate the possibility of computer fraud in the finance department of a company. It is suspected that a staff member has been committing finance fraud by printing cheques that have not been authorized. You have exhaustively searched all data files on a bitmap image of the target computer, but have found no evidence. You suspect the files may not have been saved. What should you examine next in this case?

A.

The registry

B.

The swap file

C.

The recycle bin

D.

The metadata

Question # 28

Which legal document allows law enforcement to search an office, place of business, or other locale for evidence relating to an alleged crime?

A.

bench warrant

B.

wire tap

C.

subpoena

D.

search warrant

Question # 29

You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

A.

All three servers need to be placed internally

B.

A web server and the database server facing the Internet, an application server on the internal network

C.

A web server facing the Internet, an application server on the internal network, a database server on the internal network

D.

All three servers need to face the Internet so that they can communicate between themselves

Question # 30

E-mail logs contain which of the following information to help you in your investigation? (Choose four.)

A.

user account that was used to send the account

B.

attachments sent with the e-mail message

C.

unique message identifier

D.

contents of the e-mail message

E.

date and time the message was sent

Go to page: