Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Computer Hacking Forensic Investigator (v9)

Last Update 14 hours ago Total Questions : 589

The Computer Hacking Forensic Investigator (v9) content is now fully updated, with all current exam questions added 14 hours ago. Deciding to include 312-49v9 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our 312-49v9 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these 312-49v9 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Computer Hacking Forensic Investigator (v9) practice test comfortably within the allotted time.

Question # 121

Stephen is checking an image using Compare Files by The Wizard, and he sees the file signature is shown as FF D8 FF E1. What is the file type of the image?

A.

gif

B.

bmp

C.

jpeg

D.

png

Question # 122

Which of the following standard represents a legal precedent sent in 1993 by the Supreme Court of the United States regarding the admissibility of expert witnesses’ testimony during federal legal proceedings?

A.

IOCE

B.

SWGDE & SWGIT

C.

Frye

D.

Daubert

Question # 123

Files stored in the Recycle Bin in its physical location are renamed as Dxy.ext, where “x” represents the ___________________.

A.

Drive name

B.

Original file name’s extension

C.

Sequential number

D.

Original file name

Question # 124

Which of the following tool creates a bit-by-bit image of an evidence media?

A.

Recuva

B.

FileMerlin

C.

AccessData FTK Imager

D.

Xplico

Question # 125

The process of restarting a computer that is already turned on through the operating system is called?

A.

Warm boot

B.

Ice boot

C.

Hot Boot

D.

Cold boot

Question # 126

Amber, a black hat hacker, has embedded a malware into a small enticing advertisement and posted it on a popular ad-network that displays across various websites. What is she doing?

A.

Click-jacking

B.

Compromising a legitimate site

C.

Spearphishing

D.

Malvertising

Question # 127

How will you categorize a cybercrime that took place within a CSP’s cloud environment?

A.

Cloud as a Subject

B.

Cloud as a Tool

C.

Cloud as an Audit

D.

Cloud as an Object

Question # 128

What must be obtained before an investigation is carried out at a location?

A.

Search warrant

B.

Subpoena

C.

Habeas corpus

D.

Modus operandi

Question # 129

What happens when a file is deleted by a Microsoft operating system using the FAT file system?

A.

only the reference to the file is removed from the FAT

B.

the file is erased and cannot be recovered

C.

a copy of the file is stored and the original file is erased

D.

the file is erased but can be recovered

Question # 130

You are a security analyst performing reconnaissance on a company you will be carrying out a penetration test for. You conduct a search for IT jobs on Dice.com and find the following information for an open position: 7+ years experience in Windows Server environment 5+ years experience in Exchange 2000/2003 environment Experience with Cisco Pix Firewall, Linksys 1376 router, Oracle 11i and MYOB v3.4 Accounting software are required MCSA desired, MCSE, CEH preferred No Unix/Linux Experience needed What is this information posted on the job website considered?

A.

Social engineering exploit

B.

Competitive exploit

C.

Information vulnerability

D.

Trade secret

Question # 131

What feature of Windows is the following command trying to utilize?

A.

White space

B.

AFS

C.

ADS

D.

Slack file

Question # 132

During an investigation, an employee was found to have deleted harassing emails that were sent to someone else. The company was using Microsoft Exchange and had message tracking enabled. Where could the investigator search to find the message tracking log file on the Exchange server?

A.

C:\Program Files\Exchsrvr\servername.log

B.

D:\Exchsrvr\Message Tracking\servername.log

C.

C:\Exchsrvr\Message Tracking\servername.log

D.

C:\Program Files\Microsoft Exchange\srvr\servername.log

Question # 133

Why would you need to find out the gateway of a device when investigating a wireless attack?

A.

The gateway will be the IP of the proxy server used by the attacker to launch the attack

B.

The gateway will be the IP of the attacker computer

C.

The gateway will be the IP used to manage the RADIUS server

D.

The gateway will be the IP used to manage the access point

Question # 134

A company’s policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees don’t like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wireshark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?

A.

tcp.port = 23

B.

tcp.port == 21

C.

tcp.port == 21 || tcp.port == 22

D.

tcp.port != 21

Question # 135

The MAC attributes are timestamps that refer to a time at which the file was last modified or last accessed or originally created. Which of the following file systems store MAC attributes in Coordinated Universal Time (UTC) format?

A.

File Allocation Table (FAT

B.

New Technology File System (NTFS)

C.

Hierarchical File System (HFS)

D.

Global File System (GFS)

Go to page: