EC-COUNCIL EC-COUNCIL Certifications 312-49V10 Questions & Answers

• Question 351:

  What binary coding is used most often for e-mail purposes?

  A. SMTP

  B. Uuencode

  C. IMAP

  D. MIME

  Correct Answer: D

• Question 352:

  When investigating a computer forensics case where Microsoft Exchange and Blackberry Enterprise server are used, where would investigator need to search to find email sent from a Blackberry device?

  A. RIM Messaging center

  B. Blackberry Enterprise server

  C. Microsoft Exchange server

  D. Blackberry desktop redirector

  Correct Answer: C

• Question 353:

  When obtaining a warrant it is important to:

  A. particularly describe the place to be searched and particularly describe the items to be seized

  B. generally describe the place to be searched and particularly describe the items to be seized

  C. generally describe the place to be searched and generally describe the items to be seized

  D. particularly describe the place to be searched and generally describe the items to be seized

  Correct Answer: A

• Question 354:

  Kimberly is studying to be an IT security analyst at a vocational school in her town. The school offers many different programming as well as networking languages. What networking protocol language should she learn that routers utilize?

  A. BPG

  B. ATM

  C. OSPF

  D. UDP

  Correct Answer: C

• Question 355:

  On Linux/Unix based Web servers, what privilege should the daemon service be run under?

  A. Something other than root

  B. Root

  C. Guest

  D. You cannot determine what privilege runs the daemon service

  Correct Answer: A

• Question 356:

  Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test. The second utility executes five known exploits against his network in which the vulnerability analysis said were not exploitable. What kind of results did Jim receive from his vulnerability analysis?

  A. False negatives

  B. True negatives

  C. True positives

  D. False positives

  Correct Answer: A

• Question 357:

  E-mail logs contain which of the following information to help you in your investigation? (Select up to 4)

  A. user account that was used to send the account

  B. attachments sent with the e-mail message

  C. unique message identifier

  D. contents of the e-mail message

  E. date and time the message was sent

  Correct Answer: ACDE

• Question 358:

  Using Internet logging software to investigate a case of malicious use of computers, the investigator comes across some entries that appear odd.

  

  From the log, the investigator can see where the person in question went on the Internet. From the log, it

  appears that the user was manually typing in different user ID numbers.

  What technique this user was trying?

  A. Parameter tampering

  B. Cross site scripting

  C. SQL injection

  D. Cookie Poisoning

  Correct Answer: A

• Question 359:

  Jessica works as systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Jessica going to perform?

  A. ICMP ping sweep

  B. Ping trace

  C. Tracert

  D. Smurf scan

  Correct Answer: A

• Question 360:

  In a computer forensics investigation, what describes the route that evidence takes from the time you find it until the case is closed or goes to court?

  A. Policy of separation

  B. Chain of custody

  C. Rules of evidence

  D. Law of probability

  Correct Answer: B