While working for a prosecutor, What do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense ?
A. Keep the information of file for later review
B. Destroy the evidence
C. Bring the information to the attention of the prosecutor, his or her supervisor or finally to the judge
D. Present the evidence to the defense attorney
When investigating a wireless attack, what information can be obtained from the DHCP logs?
A. The operating system of the attacker and victim computersThe operating system of the attacker and victim? computers
B. IP traffic between the attacker and the victim
C. MAC address of the attacker If any computers on the network are running in promiscuous mode
After passively scanning the network of Department of Defense (DoD), you switch over to active scanning to identify live hosts on their network. DoD is a large organization and should respond to any number of scans. You start an ICMP ping sweep by sending an IP packet to the broadcast address. Only five hosts responds to your ICMP pings; definitely not the number of hosts you were expecting. Why did this ping sweep only produce a few responses?
A. Only IBM AS/400 will reply to this scan
B. Only Windows systems will reply to this scan
C. Only Unix and Unix-like systems will reply to this scan
D. A switched network will not respond to packets sent to the broadcast address
To calculate the number of bytes on a disk, the formula is: CHS**
A. number of circles x number of halves x number of sides x 512 bytes per sector
B. number of cylinders x number of halves x number of shims x 512 bytes per sector
C. number of cells x number of heads x number of sides x 512 bytes per sector
D. number of cylinders x number of heads x number of sides x 512 bytes per sector
The rule of thumb when shutting down a system is to pull the power plug. However, it has certain drawbacks. Which of the following would that be?
A. Any data not yet flushed to the system will be lost
B. All running processes will be lost
C. The /tmp directory will be flushed
D. Power interruption will corrupt the pagefile
In Microsoft file structures, sectors are grouped together to form:
A. Clusters
B. Drives
C. Bitstreams
D. Partitions
You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company clients. You have rummaged through their trash and found very little information. You do not want to set off any alarms on their network, so you plan on performing passive footprinting against their Web servers. What tool should you use?
A. Dig
B. Ping sweep
C. Netcraft
D. Nmap
What are the security risks of running a "repair" installation for Windows XP?
A. Pressing Shift+F1 gives the user administrative rights
B. Pressing Ctrl+F10 gives the user administrative rights
C. There are no security risks when running the "repair" installation for Windows XP
D. Pressing Shift+F10 gives the user administrative rights
Jones had been trying to penetrate a remote production system for the past two weeks. This time however, he is able to get into the system. He was able to use the system for a period of three weeks. However law enforcement agencies were recording his every activity and this was later presented as evidence. The organization had used a virtual environment to trap Jones. What is a virtual environment?
A. A system using Trojaned commands
B. A honeypot that traps hackers
C. An environment set up after the user logs in
D. An environment set up before an user logs in
Michael works for Kimball Construction Company as senior security analyst. As part of yearly security audit, Michael scans his network for vulnerabilities. Using Nmap, Michael conducts XMAS scan and most of the ports scanned do not give a response. In what state are these ports?
A. Filtered
B. Closed
C. Open
D. Stealth
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V9 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.