312-49V10 Online Practice Questions and Answers

Questions 4

Computer security logs contain information about the events occurring within an organization's systems and networks. Application and Web server log files are useful in detecting web attacks. The source, nature, and time of the attack can be determined by _________ of the compromised system.

A. Analyzing log files

B. Analyzing SAM file

C. Analyzing rainbow tables

D. Analyzing hard disk boot records

Questions 5

Digital photography helps in correcting the perspective of the image, which is used in taking the measurements of the evidence. Snapshots of the evidence and incident-prone areas need to be taken to help in the forensic process. Is digital photography accepted as evidence in a court of law?

A. Yes

B. No

Questions 6

Networks are vulnerable to an attack which occurs due to overextension of bandwidth, bottlenecks, network data interception, etc.

Which of the following network attacks refers to a process in which an attacker changes his or her IP address so that he or she appears to be someone else?

A. IP address spoofing

B. Man-in-the-middle attack

C. Denial of Service attack

D. Session sniffing

Questions 7

Buffer overflow occurs when an application writes more data to a block of memory, or buffer, than the buffer is allocated to hold. Buffer overflow attacks allow an attacker to modify the _______________ in order to control the process execution, crash the process and modify internal variables.

A. Target process's address space

B. Target remote access

C. Target rainbow table

D. Target SAM file

Questions 8

When collecting evidence from the RAM, where do you look for data?

A. Swap file

B. SAM file

C. Data file

D. Log file

Questions 9

What is the slave device connected to the secondary IDE controller on a Linux OS referred to?

A. hda

B. hdd

C. hdb

D. hdc

Questions 10

What is the smallest physical storage unit on a hard drive?

A. Track

B. Cluster

C. Sector

D. Platter

Questions 11

Travis, a computer forensics investigator, is finishing up a case he has been working on for over a month involving copyright infringement and embezzlement. His last task is to prepare an investigative report for the president of the company he has been working for. Travis must submit a hard copy and an electronic copy to this president. In what electronic format should Travis send this report?

A. TIFF-8

B. DOC

C. WPD

D. PDF

Questions 12

What type of attack occurs when an attacker can force a router to stop forwarding packets by flooding the router with many open connections simultaneously so that all the hosts behind the router are effectively disabled?

A. ARP redirect

B. Physical attack

C. Digital attack

D. Denial of service

Questions 13

You are contracted to work as a computer forensics investigator for a regional bank that has four 30 TB storage area networks that store customer data. What method would be most efficient for you to acquire digital evidence from this network?

A. Make a bit-stream disk-to-disk file

B. Make a bit-stream disk-to-image file

C. Create a sparse data copy of a folder or file

D. Create a compressed copy of the file with DoubleSpace

Questions 14

Which Linux command, when executed, displays kernel ring buffers or information about device drivers loaded into the kernel?

A. pgrep

B. dmesg

C. fsck

D. grep

Questions 15

During an investigation of an XSS attack, the investigator comes across the term “[a-zA-Z0-9\%]+” in analyzed evidence details. What is the expression used for?

A. Checks for upper and lower-case alphanumeric string inside the tag, or its hex representation

B. Checks for forward slash used in HTML closing tags, its hex or double-encoded hex equivalent

C. Checks for opening angle bracket, its hex or double-encoded hex equivalent

D. Checks for closing angle bracket, hex or double-encoded hex equivalent

Questions 16

Amelia has received an email from a well-reputed company stating in the subject line that she has won prize money, whereas the email body says that she has to pay a certain amount to be eligible for the contest. Which of the following acts does the email breach?

A. CAN-SPAM Act

B. HIPAA

C. GLBA

D. SOX

Questions 17

Which password cracking technique uses every possible combination of character sets?

A. Rainbow table attack

B. Brute force attack

C. Rule-based attack

D. Dictionary attack

Questions 18

Andie, a network administrator, suspects unusual network services running on a Windows system. Which of the following commands should he use to verify unusual network services started on a Windows system?

A. net serv

B. netmgr

C. lusrmgr

D. net start

Exam Code: 312-49V10
Exam Name: ECCouncil Computer Hacking Forensic Investigator (V10)
Last Update: Apr 27, 2024
Questions: 753 Q&As
