EC-COUNCIL EC-COUNCIL Certifications 312-49 Questions & Answers

• Question 241:

  While looking through the IIS log file of a web server, you find the following entries:

  

  What is evident from this log file?

  A. Web bugs

  B. Cross site scripting

  C. Hidden fields

  D. SQL injection is possible

  Correct Answer: D

• Question 242:

  Why would you need to find out the gateway of a device when investigating a wireless attack?

  A. The gateway will be the IP of the proxy server used by the attacker to launch the attack

  B. The gateway will be the IP of the attacker computer

  C. The gateway will be the IP used to manage the RADIUS server

  D. The gateway will be the IP used to manage the access point

  Correct Answer: D

• Question 243:

  Using Internet logging software to investigate a case of malicious use of computers, the investigator comes across some entries that appear odd.

  

  From the log, the investigator can see where the person in question went on the Internet. From the log, it appears that the user was manually typing in different user ID numbers. What technique this user was trying?

  A. Parameter tampering

  B. Cross site scripting

  C. SQL injection

  D. Cookie Poisoning

  Correct Answer: A

• Question 244:

  Before performing a logical or physical search of a drive in Encase, what must be added to the program?

  A. File signatures

  B. Keywords

  C. Hash sets

  D. Bookmarks

  Correct Answer: B

• Question 245:

  When a router receives an update for its routing table, what is the metric value change to that path?

  A. Increased by 2

  B. Decreased by 1

  C. Increased by 1

  D. Decreased by 2

  Correct Answer: C

• Question 246:

  In handling computer-related incidents, which IT role should be responsible for recovery, containment, and prevention to constituents?

  A. Security Administrator

  B. Network Administrator

  C. Director of Information Technology

  D. Director of Administration

  Correct Answer: B

• Question 247:

  What will the following Linux command accomplish? dd if=/dev/mem of=/home/sam/mem.bin bs=1024

  A. Copy the master boot record to a file

  B. Copy the contents of the system folder to a file

  C. Copy the running memory to a file

  D. Copy the memory dump file to an image file

  Correct Answer: C

• Question 248:

  Using Linux to carry out a forensics investigation, what would the following command accomplish? dd if=/usr/home/partition.image of=/dev/sdb2 bs=4096 conv=notrunc,noerror

  A. Search for disk errors within an image file

  B. Backup a disk to an image file

  C. Copy a partition to an image file

  D. Restore a disk from an image file

  Correct Answer: D

• Question 249:

  Madison is on trial for allegedly breaking into her university internal network. The police raided her dorm room and seized all of her computer equipment. Madison lawyer is trying to convince the judge that the seizure was unfounded and baseless. Under which US Amendment is Madison lawyer trying to prove the police violated?

  A. The 10th Amendment

  B. The 5th Amendment

  C. The 1st Amendment

  D. The 4th Amendment

  Correct Answer: D

• Question 250:

  When is it appropriate to use computer forensics?

  A. If copyright and intellectual property theft/misuse has occurred

  B. If employees do not care for their boss management techniques

  C. If sales drop off for no apparent reason for an extended period of time

  D. If a financial institution is burglarized by robbers

  Correct Answer: A