Exam Code: 312-49v10
Exam Name: Computer Hacking Forensic Investigator (CHFI-v10)
Certification Provider: EC-Council

NEW QUESTION 1

Which of the following applications will allow a forensic investigator to track the user login sessions and user transactions that have occurred on an MS SQL Server?

  • A. ApexSQL Audit
  • B. netcat
  • C. Notepad++
  • D. Event Log Explorer

Answer: A

NEW QUESTION 2

Which tool does the investigator use to extract artifacts left by Google Drive on the system?

  • A. PEBrowse Professional
  • B. RegScanner
  • C. RAM Capturer
  • D. Dependency Walker

Answer: C

NEW QUESTION 3

Which of the following Registry components include offsets to other cells as well as the LastWrite time for the key?

  • A. Value list cell
  • B. Value cell
  • C. Key cell
  • D. Security descriptor cell

Answer: C

NEW QUESTION 4

Which of the following event correlation approaches checks and compares all the fields systematically and intentionally for positive and negative correlation with each other to determine the correlation across one or multiple fields?

  • A. Rule-Based Approach
  • B. Automated Field Correlation
  • C. Field-Based Approach
  • D. Graph-Based Approach

Answer: B

NEW QUESTION 5

When investigating a system, the forensics analyst discovers that malicious scripts were injected into benign and trusted websites. The attacker used a web application to send malicious code, in the form of a browser-side script, to a different end user. What attack was performed here?

  • A. Brute-force attack
  • B. Cookie poisoning attack
  • C. Cross-site scripting attack
  • D. SQL injection attack

Answer: C

NEW QUESTION 6

As part of extracting the system data, Jenifer has used the netstat command. What does this tool reveal?

  • A. Status of users connected to the internet
  • B. Net status of computer usage
  • C. Information about network connections
  • D. Status of network hardware

Answer: C

NEW QUESTION 7

Which tool allows dumping the contents of process memory without stopping the process?

  • A. psdump.exe
  • B. pmdump.exe
  • C. processdump.exe
  • D. pdump.exe

Answer: B

NEW QUESTION 8

After undergoing an external IT audit, George realizes his network is vulnerable to DDoS attacks. What countermeasures could he take to prevent DDoS attacks?

  • A. Enable direct broadcasts
  • B. Disable direct broadcasts
  • C. Disable BGP
  • D. Enable BGP

Answer: B

NEW QUESTION 9

Which of the following acts as a network intrusion detection system as well as network intrusion prevention system?

  • A. Acunetix
  • B. Nikto
  • C. Snort
  • D. Kismet

Answer: C

NEW QUESTION 10

What feature of Decryption Collection allows an investigator to crack a password as quickly as possible?

  • A. Cracks every password in 10 minutes
  • B. Distribute processing over 16 or fewer computers
  • C. Support for Encrypted File System
  • D. Support for MD5 hash verification

Answer: B

NEW QUESTION 11

What is the framework used for application development for iOS-based mobile devices?

  • A. Cocoa Touch
  • B. Dalvik
  • C. Zygote
  • D. AirPlay

Answer: A

NEW QUESTION 12

Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the axfr and ixfr commands using DIG. What is Simon trying to accomplish here?

  • A. Send DOS commands to crash the DNS servers
  • B. Perform DNS poisoning
  • C. Perform a zone transfer
  • D. Enumerate all the users in the domain

Answer: C

NEW QUESTION 13

When reviewing web logs, you see an entry for resource not found in the HTTP status code field. What is the actual error code that you would see in the log for resource not found?

  • A. 202
  • B. 404
  • C. 505
  • D. 909

Answer: B

NEW QUESTION 14

Which of the following is a tool to reset a Windows admin password?

  • A. R-Studio
  • B. Windows Password Recovery Bootdisk
  • C. Windows Data Recovery Software
  • D. TestDisk for Windows

Answer: B

NEW QUESTION 15

As a CHFI professional, which of the following is the most important to your professional reputation?

  • A. Your Certifications
  • B. The correct, successful management of each and every case
  • C. The fee that you charge
  • D. The friendship of local law enforcement officers

Answer: B

NEW QUESTION 16

Preparing an image drive to copy files to is the first step in Linux forensics. For this purpose, what would the following command accomplish?
dcfldd if=/dev/zero of=/dev/hda bs=4096 conv=noerror,sync

  • A. Fill the disk with zeros
  • B. Low-level format
  • C. Fill the disk with 4096 zeros
  • D. Copy files from the master disk to the slave disk on the secondary IDE controller

Answer: A
