Which of the following statements does not support the case assessment?
A. Review the case investigator's request for service
B. Identify the legal authority for the forensic examination request
C. Do not document the chain of custody
D. Discuss whether other forensic processes need to be performed on the evidence
When a file or folder is deleted, the complete path, including the original file name, is stored in a special hidden file called "INF02" in the Recycled folder. If the INF02 file is deleted, it is re-created when you___________.
A. Restart Windows
B. Kill the running processes in Windows task manager
C. Run the antivirus tool on the system
D. Run the anti-spyware tool on the system
In which step of the computer forensics investigation methodology would you run MD5 checksum on the evidence?
A. Obtain search warrant
B. Evaluate and secure the scene
C. Collect the evidence
D. Acquire the data
First responder is a person who arrives first at the crime scene and accesses the victim's computer system after the incident. He or She is responsible for protecting, integrating, and preserving the evidence obtained from the crime scene.
Which of the following is not a role of first responder?
A. Identify and analyze the crime scene
B. Protect and secure the crime scene
C. Package and transport the electronic evidence to forensics lab
D. Prosecute the suspect in court of law
An expert witness is a witness, who by virtue of education, profession, or experience, is believed to have special knowledge of his/her subject beyond that of the average person, sufficient that others legally depend upon his/her opinion.
A. True
B. False
Data Acquisition is the process of imaging or otherwise obtaining information from a digital device and its peripheral equipment and media
A. True
B. False
A forensic investigator is a person who handles the complete Investigation process, that is, the preservation, identification, extraction, and documentation of the evidence. The investigator has many roles and responsibilities relating to the cybercrime analysis. The role of the forensic investigator is to:
A. Take permission from all employees of the organization for investigation
B. Harden organization network security
C. Create an image backup of the original evidence without tampering with potential evidence
D. Keep the evidence a highly confidential and hide the evidence from law enforcement agencies
Under no circumstances should anyone, with the exception of qualified computer forensics personnel, make any attempts to restore or recover information from a computer system or device that holds electronic information.
A. True
B. False
Who is responsible for the following tasks?
Secure the scene and ensure that it is maintained In a secure state until the Forensic Team advises Make notes about the scene that will eventually be handed over to the Forensic Team
A. Non-Laboratory Staff
B. System administrators
C. Local managers or other non-forensic staff
D. Lawyers
What is static executable file analysis?
A. It is a process that consists of collecting information about and from an executable file without actually launching the file under any circumstances
B. It is a process that consists of collecting information about and from an executable file by launching the file under any circumstances
C. It is a process that consists of collecting information about and from an executable file without actually launching an executable file in a controlled and monitored environment
D. It is a process that consists of collecting information about and from an executable file by launching an executable file in a controlled and monitored environment
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V9 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.