Eccouncil 312-49 Exam Practice Test Instant Access

Question 1

Which of the following components within the android architecture stack take care of displaying windows owned by different applications?

AMedia Framework

BSurface Manager

CResource Manager

DApplication Framework

Answer : D

Question 2

The objective of this act was to protect consumers' personal financial information held by financial institutions and their service providers.

AGramm-Leach-Bliley Act

BSarbanes-Oxley 2002

CCalifornia SB 1386

DHIPAA

Answer : A

Question 3

Which of the following Event Correlation Approach is an advanced correlation method that assumes and predicts what an attacker can do next after the attack by studying the statistics and probability and uses only two variables?

ABayesian Correlation

BVulnerability-Based Approach

CRule-Based Approach

DRoute Correlation

Answer : A

Question 4

What does Locard's Exchange Principle state?

AAny information of probative value that is either stored or transmitted in a digital form

BDigital evidence must have some characteristics to be disclosed in the court of law

CAnyone or anything, entering a crime scene takes something of the scene with them, and leaves something of themselves behind when they leave

DForensic investigators face many challenges during forensics investigation of a digital crime, such as extracting, preserving, and analyzing the digital evidence

Answer : C

Question 5

Using Linux to carry out a forensics investigation, what would the following command accomplish?

dd if=/usr/home/partition.image of=/dev/sdb2 bs=4096 conv=notrunc,noerror

ASearch for disk errors within an image file

BBackup a disk to an image file

CCopy a partition to an image file

DRestore a disk from an image file

Answer : D

Question 6

SO/IEC 17025 is an accreditation for which of the following:

ACHFI issuing agency

BEncryption

CForensics lab licensing

DChain of custody

Answer : C

Question 7

Item 2If you come across a sheepdip machine at your client site, what would you infer?

AA sheepdip coordinates several honeypots

BA sheepdip computer is another name for a honeypot

CA sheepdip computer is used only for virus-checking.

DA sheepdip computer defers a denial of service attack

Answer : C

Eccouncil Computer Hacking Forensic Investigator V10 312-49 Exam Practice Test