A state department site was recently attacked and all the servers had their disks erased. The incident response team sealed the area and commenced investigation. During evidence collection they came across a zip disks that did not have the standard labeling on it. The incident team ran the disk on an isolated system and found that the system disk was accidentally erased. They decided to call in the FBI for further investigation. Meanwhile, they short listed possible suspects including three summer interns. Where did the incident team go wrong?
A. They examined the actual evidence on an unrelated system
B. They attempted to implicate personnel without proof
C. They tampered with evidence by using it
D. They called in the FBI without correlating with the fingerprint data
What TCP/UDP port does the toolkit program netstat use?
A. Port 7
B. Port 15
C. Port 23
D. Port 69
What type of attack occurs when an attacker can force a router to stop forwarding packets by flooding the router with many open connections simultaneously so that all the hosts behind the router are effectively disabled?
A. ARP redirect
B. Physical attack
C. Digital attack
D. Denial of service
What will the following URL produce in an unpatched IIS Web Server? http://www.thetargetsite.com/
scripts/..%
co%af../..%co%af../windows/system32/cmd.exe?/c+dir+c:\
A. Directory listing of C: drive on the web server
B. Execute a buffer flow in the C: drive of the web server
C. Directory listing of the C:\windows\system32 folder on the web server
D. Insert a Trojan horse into the C: drive of the web server
Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the axfr and ixfr commands using DIG. What is Simon trying to accomplish here?
A. Send DOS commands to crash the DNS servers
B. Perform DNS poisoning
C. Enumerate all the users in the domain
D. Perform a zone transfer
When examining the log files from a Windows IIS Web Server, how often is a new log file created?
A. the same log is used at all times
B. a new log file is created everyday
C. a new log file is created each week
D. a new log is created each time the Web Server is started
Your company uses Cisco routers exclusively throughout the network. After securing the routers to the best of your knowledge, an outside security firm is brought in to assess the network security. Although they found very few issues, they were able to enumerate the model, OS version, and capabilities for all your Cisco routers with very little effort. Which feature will you disable to eliminate the ability to enumerate this information on your Cisco routers?
A. Simple Network Management Protocol
B. Cisco Discovery Protocol
C. Border Gateway Protocol
D. Broadcast System Protocol
Sniffers that place NICs in promiscuous mode work at what layer of the OSI model?
A. Network
B. Transport
C. Physical
D. Data Link
When you carve an image, recovering the image depends on which of the following skills?
A. Recognizing the pattern of the header content
B. Recovering the image from a tape backup
C. Recognizing the pattern of a corrupt file
D. Recovering the image from the tape backup
To make sure the evidence you recover and analyze with computer forensics software can be admitted in court, you must test and validate the software. What group is actively providing tools and creating procedures for testing and validating computer forensics software ?
A. Computer Forensics Tools and Validation Committee (CFTVC)
B. Association of Computer Forensics Software Manufactures (ACFSM)
C. National Institute of Standards and Technology (NIST)
D. Society for Valid Forensics Tools and Testing (SVFTT)
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.