Gary, a computer technician, is facing allegations of abusing children online by befriending them and sending them illicit adult images from his office computer. What type of investigation does this case require?
A. Administrative Investigation
B. Criminal Investigation
C. Both Criminal and Administrative Investigation
D. Civil Investigation
Rusty, a computer forensics apprentice, uses the command nbtstat 璫 while analyzing the network information in a suspect system. What information is he looking for?
A. Contents of the network routing table
B. Status of the network carrier
C. Contents of the NetBIOS name cache
D. Network connections
Which of the following is NOT an anti-forensics technique?
A. Data Deduplication
B. Steganography
C. Encryption
D. Password Protection
An International Mobile Equipment Identifier (IMEI) is a 15-digit number that indicates the manufacturer, model type, and country of approval for GSM devices. The first eight digits of an IMEI number that provide information about the model and origin of the mobile device is also known as:
A. Type Allocation Code (TAC)
B. Integrated Circuit Code (ICC)
C. Manufacturer Identification Code (MIC)
D. Device Origin Code (DOC)
When analyzing logs, it is important that the clocks of all the network devices are synchronized. Which protocol will help in synchronizing these clocks?
A. UTC
B. PTP
C. Time Protocol
D. NTP
Which of the following is a MAC-based File Recovery Tool?
A. VirtualLab
B. GetDataBack
C. Cisdem DataRecovery 3
D. Smart Undeleter
Smith, an employee of a reputed forensic investigation firm, has been hired by a private organization to investigate a laptop that is suspected to be involved in the hacking of the organization's DC server. Smith wants to find all the values typed into the Run box in the Start menu. Which of the following registry keys will Smith check to find the above information?
A. TypedURLs key
B. MountedDevices key
C. UserAssist Key
D. RunMRU key
What value of the "Boot Record Signature" is used to indicate that the boot-loader exists?
A. AA55
B. 00AA
C. AA00
D. A100
Lynne receives the following email:
Dear [email protected]! We are sorry to inform you that your ID has been temporarily frozen due to
incorrect or missing information saved at 2016/11/10 20:40:24 You have 24 hours to fix this problem or risk
to be closed permanently!
To proceed Please Connect >> My Apple ID
Thank You The link to My Apple ID shows http://byggarbetsplatsen.se/backup/signon/
What type of attack is this?
A. Mail Bombing
B. Phishing
C. Email Spamming
D. Email Spoofing
Which of the following ISO standard defines file systems and protocol for exchanging data between optical disks?
A. ISO 9660
B. ISO/IEC 13940
C. ISO 9060
D. IEC 3490
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.