This page was exported from IT certification exam materials [ http://blog.dumpleader.com ] Export date:Mon Apr 21 11:51:16 2025 / +0000 GMT ___________________________________________________ Title: [2024] 312-49v10 All-in-One Exam Guide Practice To your 312-49v10 Exam! [Q12-Q34] --------------------------------------------------- [2024] 312-49v10 All-in-One Exam Guide Practice To your 312-49v10 Exam! Preparations of 312-49v10 Exam 2024 CHFI v10 Unlimited 706 Questions NO.12 Which of the following is a tool to reset Windows admin password?  R-Studio  Windows Password Recovery Bootdisk  Windows Data Recovery Software  TestDisk for Windows NO.13 The newer Macintosh Operating System is based on:  OS/2  BSD Unix  Linux  Microsoft Windows NO.14 While working for a prosecutor, what do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense?  Keep the information of file for later review  Destroy the evidence  Bring the information to the attention of the prosecutor, his or her supervisor or finally to the judge  Present the evidence to the defense attorney NO.15 An investigator Is examining a file to identify any potentially malicious content. To avoid code execution and still be able to uncover hidden indicators of compromise (IOC), which type of examination should the investigator perform:  Threat hunting  Threat analysis  Static analysis  Dynamic analysis NO.16 Which of the following is a device monitoring tool?  Capsa  Driver Detective  Regshot  RAM Capturer NO.17 A picture file is recovered from a computer under investigation. During the investigation process, the file is enlarged 500% to get a better view of its contents. The picture quality is not degraded at all from this process. What kind of picture is this file. What kind of picture is this file?  Raster image  Vector image  Metafile image  Catalog image NO.18 POP3 is an Internet protocol, which is used to retrieve emails from a mail server. Through which port does an email client connect with a POP3 server?  110  143  25  993 NO.19 A packet is sent to a router that does not have the packet destination address in its route table.How will the packet get to its proper destination?  Root Internet servers  Border Gateway Protocol  Gateway of last resort  Reverse DNS NO.20 It takes _____________ mismanaged case/s to ruin your professional reputation as a computer forensics examiner?  by law, three  quite a few  only one  at least two NO.21 If you plan to startup a suspect’s computer, you must modify the ___________ to ensure that you do not contaminate or alter data on the suspect’s hard drive by booting to the hard drive.  deltree command  CMOS  Boot.sys  Scandisk utility NO.22 The offset in a hexadecimal code is:  The last byte after the colon  The 0x at the beginning of the code  The 0x at the end of the code  The first byte after the colon NO.23 Which federal computer crime law specifically refers to fraud and related activity in connection with access devices like routers?  18 U.S.C. 1029  18 U.S.C. 1362  18 U.S.C. 2511  18 U.S.C. 2703 NO.24 After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, stateful firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet. Why is that?  Stateful firewalls do not work with packet filtering firewalls  NAT does not work with stateful firewalls  IPSEC does not work with packet filtering firewalls  NAT does not work with IPSEC NO.25 What hashing method is used to password protect Blackberry devices?  AES  RC5  MD5  SHA-1 NO.26 When examining a file with a Hex Editor, what space does the file header occupy?  the last several bytes of the file  the first several bytes of the file  none, file headers are contained in the FAT  one byte at the beginning of the file NO.27 Rusty, a computer forensics apprentice, uses the command nbtstat -c while analyzing the network information in a suspect system. What information is he looking for?  Contents of the network routing table  Status of the network carrier  Contents of the NetBIOS name cache  Network connections NO.28 Why are Linux/Unix based computers better to use than Windows computers for idle scanning?  Linux/Unix computers are easier to compromise  Linux/Unix computers are constantly talking  Windows computers are constantly talking  Windows computers will not respond to idle scans NO.29 This law sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations.  The CAN-SPAM act  Federal Spam act  Telemarketing act  European Anti-Spam act NO.30 Which Linux command when executed displays kernel ring buffers or information about device drivers loaded into the kernel?  pgrep  dmesg  fsck  grep NO.31 When a user deletes a file or folder, the system stores complete path including the original filename is a special hidden file called “INFO2” in the Recycled folder. If the INFO2 file is deleted, it is recovered when you ______________________.  Undo the last action performed on the system  Reboot Windows  Use a recovery tool to undelete the file  Download the file from Microsoft website NO.32 Which of the following network attacks refers to sending huge volumes of email to an address in an attempt to overflow the mailbox or overwhelm the server where the email address is hosted so as to cause a denial-of-service attack?  Email spamming  Phishing  Email spoofing  Mail bombing NO.33 A file requires 10 KB space to be saved on a hard disk partition. An entire cluster of 32 KB has been allocated for this file. The remaining, unused space of 22 KB on this cluster will be Identified as______.  Swap space  Cluster space  Slack space  Sector space NO.34 Where is the default location for Apache access logs on a Linux computer?  usr/local/apache/logs/access_log  bin/local/home/apache/logs/access_log  usr/logs/access_log  logs/usr/apache/access_log  Loading … Focus on 312-49v10 All-in-One Exam Guide For Quick Preparation: https://www.dumpleader.com/312-49v10_exam.html --------------------------------------------------- Images: https://blog.dumpleader.com/wp-content/plugins/watu/loading.gif https://blog.dumpleader.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2024-11-17 14:00:41 Post date GMT: 2024-11-17 14:00:41 Post modified date: 2024-11-17 14:00:41 Post modified date GMT: 2024-11-17 14:00:41