1. Home
  2. ECCouncil
  3. No Cert Assigned
  4. 312-49
  5. Computer Hacking Forensic Investigator Questions and Answers

Pass the ECCouncil No Cert Assigned 312-49 Questions and answers with CertsForce

 ECCouncil Exams      Go to Exam Detail      Get Premium Access
Viewing page 9 out of 11 pages
Viewing questions 121-135 out of questions
Questions # 121:

Which of the following commands shows you the names of all open shared files on a server and the number of file locks on each file?

Options:
A.

Net config

B.

Net file

C.

Net share

D.

Net sessions

Questions # 122:

On Linux/Unix based Web servers, what privilege should the daemon service be run under?

Options:
A.

Guest

B.

Root

C.

You cannot determine what privilege runs the daemon service

D.

Something other than root

Questions # 123:

Which of the following attack uses HTML tags like <script></script>?

Options:
A.

Phishing

B.

XSS attack

C.

SQL injection

D.

Spam

Questions # 124:

Which of the following is an iOS Jailbreaking tool?

Options:
A.

Kingo Android ROOT

B.

Towelroot

C.

One Click Root

D.

Redsn0w

Questions # 125:

You are working for a large clothing manufacturer as a computer forensics investigator and are called in to investigate an unusual case of an employee possibly stealing clothing designs from the company and selling them under a different brand name for a different company. What you discover during the course of the investigation is that the clothing designs are actually original products of the employee and the company has no policy against an employee selling his own designs on his own time. The only thing that you can find that the employee is doing wrong is that his clothing design incorporates the same graphic symbol as that of the company with only the wording in the graphic being different. What area of the law is the employee violating?

Options:
A.

trademark law

B.

copyright law

C.

printright law

D.

brandmark law

Questions # 126:

What advantage does the tool Evidor have over the built-in Windows search?

Options:
A.

It can find deleted files even after they have been physically removed

B.

It can find bad sectors on the hard drive

C.

It can search slack space

D.

It can find files hidden within ADS

Questions # 127:

To preserve digital evidence, an investigator should ____________________.

Options:
A.

Make two copies of each evidence item using a single imaging tool

B.

Make a single copy of each evidence item using an approved imaging tool

C.

Make two copies of each evidence item using different imaging tools

D.

Only store the original evidence item

Questions # 128:

To which phase of the Computer Forensics Investigation Process does the Planning and Budgeting of a Forensics Lab belong?

Options:
A.

Post-investigation Phase

B.

Reporting Phase

C.

Pre-investigation Phase

D.

Investigation Phase

Questions # 129:

In Steganalysis, which of the following describes a Known-stego attack?

Options:
A.

The hidden message and the corresponding stego-image are known

B.

During the communication process, active attackers can change cover

C.

Original and stego-object are available and the steganography algorithm is known

D.

Only the steganography medium is available for analysis

Questions # 130:

Which of the following processes is part of the dynamic malware analysis?

Options:
A.

Process Monitoring

B.

Malware disassembly

C.

Searching for the strings

D.

File fingerprinting

Questions # 131:

Under which Federal Statutes does FBI investigate for computer crimes involving e-mail scams and mail fraud?

Options:
A.

18 U.S.C. 1029 Possession of Access Devices

B.

18 U.S.C. 1030 Fraud and related activity in connection with computers

C.

18 U.S.C. 1343 Fraud by wire, radio or television

D.

18 U.S.C. 1361 Injury to Government Property

E.

18 U.S.C. 1362 Government communication systems

F.

18 U.S.C. 1831 Economic Espionage Act

G.

18 U.S.C. 1832 Trade Secrets Act

Questions # 132:

To check for POP3 traffic using Ethereal, what port should an investigator search by?

Options:
A.

143

B.

25

C.

110

D.

125

Questions # 133:

Files stored in the Recycle Bin in its physical location are renamed as Dxy.ext, where “x” represents the ___________________.

Options:
A.

Drive name

B.

Original file name’s extension

C.

Sequential number

D.

Original file name

Questions # 134:

You are employed directly by an attorney to help investigate an alleged sexual harassment case at a large pharmaceutical manufacture. While at the corporate office of the company, the CEO demands to know the status of the investigation. What prevents you from discussing the case with the CEO?

Options:
A.

the attorney-work-product rule

B.

Good manners

C.

Trade secrets

D.

ISO 17799

Questions # 135:

When obtaining a warrant, it is important to:

Options:
A.

particularlydescribe the place to be searched and particularly describe the items to be seized

B.

generallydescribe the place to be searched and particularly describe the items to be seized

C.

generallydescribe the place to be searched and generally describe the items to be seized

D.

particularlydescribe the place to be searched and generally describe the items to be seized

Viewing page 9 out of 11 pages
Viewing questions 121-135 out of questions