It is faster and easier to pass the EC-Council 312-49v8 exam by using high-quality EC-Council Computer Hacking Forensic Investigator exam questions and answers. Get immediate access to the 312-49v8 exam and find the same core-area 312-49v8 questions with professionally verified answers, then pass your exam with a high score.
Q31. The ever-changing advancement of mobile devices increases the complexity of mobile device examinations. Which of the following is an appropriate action for the mobile forensic investigation?
A. To avoid unwanted interaction with devices found on the scene, turn on any wireless interfaces such as Bluetooth and Wi-Fi radios
B. Do not wear gloves while handling cell phone evidence to maintain integrity of physical evidence
C. If the device's display is ON, the screen's contents should be photographed and, if necessary, recorded manually, capturing the time, service status, battery level, and other displayed icons
D. If the phone is in a cradle or connected to a PC with a cable, then unplug the device from the computer
Answer: C
Q32. Which of the following commands shows you the username and IP address used to access the system via a remote login session and the type of client from which they are accessing the system?
A. Net sessions
B. Net file
C. Net config
D. Net share
Answer: A
Q33. Which of the following email headers specifies an address for mailer-generated errors, like "no such user" bounce messages, to go to (instead of the sender's address)?
A. Errors-To header
B. Content-Transfer-Encoding header
C. Mime-Version header
D. Content-Type header
Answer: A
Q34. An expert witness is a witness, who by virtue of education, profession, or experience, is believed to have special knowledge of his/her subject beyond that of the average person, sufficient that others legally depend upon his/her opinion.
A. True
B. False
Answer: A
Q35. The Recycle Bin is located on the Windows desktop. When you delete an item from the hard disk, Windows sends that deleted item to the Recycle Bin and the icon changes to full from empty, but items deleted from removable media, such as a floppy disk or network drive, are not stored in the Recycle Bin.
What is the size limit for the Recycle Bin in Vista and later versions of Windows?
A. No size limit
B. Maximum of 3.99 GB
C. Maximum of 4.99 GB
D. Maximum of 5.99 GB
Answer: A
Q36. The Electronic Serial Number (ESN) is a unique __________ recorded on a secure chip in a mobile phone by the manufacturer.
A. 16-bit identifier
B. 24-bit identifier
C. 32-bit identifier
D. 64-bit identifier
Answer: C
Q37. How do you define forensic computing?
A. It is the science of capturing, processing, and investigating data security incidents and making it acceptable to a court of law.
B. It is a methodology of guidelines that deals with the process of cyber investigation
C. It is a preliminary and mandatory course necessary to pursue and understand fundamental principles of ethical hacking
D. It is the administrative and legal proceeding in the process of forensic investigation
Answer: A
Q38. Smith, as part of his forensic investigation assignment, has seized a mobile device. He was asked to recover the Subscriber Identity Module (SIM card) data from the mobile device. Smith found that the SIM was protected by a Personal Identification Number (PIN) code, but he was also aware that people generally leave the PIN numbers at the defaults or use easily guessable numbers such as 1234. He unsuccessfully tried three PIN numbers, which blocked the SIM card. What can Jason do in this scenario to reset the PIN and access SIM data?
A. He should contact the device manufacturer for a Temporary Unlock Code (TUK) to gain access to the SIM
B. He cannot access the SIM data in this scenario as the network operators or device manufacturers have no idea about a device PIN
C. He should again attempt PIN guesses after a time of 24 hours
D. He should ask the network operator for Personal Unlock Number (PUK) to gain access to the SIM
Answer: D
Q39. Smith, an employee of a reputed forensic investigation firm, has been hired by a private organization to investigate a laptop that is suspected to be involved in the hacking of the organization's DC server. Smith wants to find all the values typed into the Run box in the Start menu. Which of the following registry keys will Smith check to find the above information?
A. UserAssist Key
B. MountedDevices key
C. RunMRU key
D. TypedURLs key
Answer: C
Q40. Which of the following Wi-Fi chalking methods refers to drawing symbols in public places to advertise open Wi-Fi networks?
A. WarWalking
B. WarFlying
C. WarChalking
D. WarDriving
Answer: C
Q41. WPA2 provides enterprise and Wi-Fi users with stronger data protection and network access control. Which of the following encryption algorithms is used by WPA2?
A. RC4-CCMP
B. RC4-TKIP
C. AES-CCMP
D. AES-TKIP
Answer: C
Q42. Web applications provide an interface between end users and web servers through a set of web pages that are generated at the server-end or contain script code to be executed dynamically within the client Web browser.
A. True
B. False
Answer: A
Q43. Digital evidence validation involves using a hashing algorithm utility to create a binary or hexadecimal number that represents the uniqueness of a data set, such as a disk drive or file.
Which of the following hash algorithms produces a message digest that is 128 bits long?
A. CRC-32
B. MD5
C. SHA-1
D. SHA-512
Answer: B
Q44. SMTP (Simple Mail Transfer Protocol) receives outgoing mail from clients and validates source and destination addresses, and also sends and receives emails to and from other SMTP servers.
A. True
B. False
Answer: A
Q45. Centralized logging is defined as gathering the computer system logs for a group of systems in a centralized location. It is used to efficiently monitor computer system logs with the frequency required to detect security violations and unusual activity.
A. True
B. False
Answer: A