Which of the following commands shows you the username and IP address used to access the system via a remote login session and the type of client from which they are accessing the system?
A. Net sessions
B. Net file
C. Net config
D. Net share
How do you define Technical Steganography?
A. Steganography that uses physical or chemical means to hide the existence of a message
B. Steganography that utilizes written natural language to hide the message in the carrier in some non-obvious ways
C. Steganography that utilizes written JAVA language to hide the message in the carrier in some non-obvious ways
D. Steganography that utilizes visual symbols or signs to hide secret messages
Which of the following statements is not correct when dealing with a powered-on computer at the crime scene?
A. If a computer is switched on and the screen is viewable, record the programs running on screen and photograph the screen
B. If a computer is on and the monitor shows some picture or screen saver, move the mouse slowly without depressing any mouse button and take a photograph of the screen and record the information displayed
C. If a monitor is powered on and the display is blank, move the mouse slowly without depressing any mouse button and take a photograph
D. If the computer is switched off, power on the computer to take a screenshot of the desktop
What is the "Best Evidence Rule"?
A. It states that the court only allows the original evidence of a document, photograph, or recording at the trial rather than a copy
B. It contains system time, logged-on user(s), open files, network information, process information, process-to-port mapping, process memory, clipboard contents, service/driver information, and command history
C. It contains hidden files, slack space, swap file, index.dat files, unallocated clusters, unused partitions, hidden partitions, registry settings, and event logs
D. It contains information such as open network connection, user logout, programs that reside in memory, and cache data
A damaged portion of a disk on which no read/write operation can be performed is known as a ______________.
A. Lost sector
B. Bad sector
C. Empty sector
D. Unused sector
Email archiving is a systematic approach to save and protect the data contained in emails so that it can be easily accessed at a later date.
A. True
B. False
What is the goal of forensic science?
A. To determine the evidential value of the crime scene and related evidence
B. Mitigate the effects of the information security breach
C. Save the good will of the investigating organization
D. It is a discipline to deal with the legal processes
Smith, as a part of his forensic investigation assignment, has seized a mobile device. He was asked to recover the Subscriber Identity Module (SIM card) data from the mobile device. Smith found that the SIM was protected by a Personal Identification Number (PIN) code, but he was also aware that people generally leave the PIN numbers at the defaults or use easily guessable numbers such as 1234. He unsuccessfully tried three PIN numbers, which blocked the SIM card. What can Jason do in this scenario to reset the PIN and access SIM data?
A. He should contact the device manufacturer for a Temporary Unlock Code (TUK) to gain access to the SIM
B. He cannot access the SIM data in this scenario as the network operators or device manufacturers have no idea about a device PIN
C. He should again attempt PIN guesses after a time of 24 hours
D. He should ask the network operator for Personal Unlock Number (PUK) to gain access to the SIM
Network forensics allows investigators to inspect network traffic and logs to identify and locate the attack system.
Network forensics can reveal: (Select three answers)
A. Source of security incidents and network attacks
B. Path of the attack
C. Intrusion techniques used by attackers
D. Hardware configuration of the attacker's system
Identify the attack from the following sequence of actions:
Step 1: A user logs in to a trusted site and creates a new session
Step 2: The trusted site stores a session identifier for the session in a cookie in the web browser
Step 3: The user is tricked to visit a malicious site
Step 4: The malicious site sends a request from the user's browser using his session cookie
A. Web Application Denial-of-Service (DoS) Attack
B. Cross-Site Scripting (XSS) Attacks
C. Cross-Site Request Forgery (CSRF) Attack
D. Hidden Field Manipulation Attack