ECCouncil Computer Hacking Forensic Investigator (V8) v11.0

Page:    1 / 12   
Exam contains 180 questions
Expand All

Consistency in the investigative report is more important than the exact format in the report to eliminate uncertainty and confusion.

  • A. True
  • B. False


Answer : A

When dealing with the powered-off computers at the crime scene, if the computer is switched off, turn it on

  • A. True
  • B. False


Answer : B

MAC filtering is a security access control methodology, where a ___________ is assigned to each network card to determine access to the network

  • A. 16-bit address
  • B. 24-bit address
  • C. 32-bit address
  • D. 48-bit address


Answer : D

The ARP table of a router comes in handy for Investigating network attacks, as the table contains IP addresses associated with the respective MAC addresses.
The ARP table can be accessed using the __________command in Windows 7.

  • A. Option A
  • B. Option B
  • C. Option C
  • D. Option D


Answer : A

You can interact with the Registry through intermediate programs. Graphical user interface
(GUI) Registry editors such as Regedit.exe or Regedt32 exe are commonly used as intermediate programs in Windows 7. Which of the following is a root folder of the registry editor?

  • A. HKEY_USERS
  • B. HKEY_LOCAL_ADMIN
  • C. HKEY_CLASSES_ADMIN
  • D. HKEY_CLASSES_SYSTEM


Answer : A

You have been given the task to investigate web attacks on a Windows-based server.
Which of the following commands will you use to look at which sessions the machine has opened with other systems?

  • A. Net sessions
  • B. Net use
  • C. Net config
  • D. Net share


Answer : B

What is a SCSI (Small Computer System Interface)?

  • A. A set of ANSI standard electronic interfaces that allow personal computers to communicate with peripheral hardware such as disk drives, tape drives. CD-ROM drives, printers, and scanners
  • B. A standard electronic interface used between a computer motherboard's data paths or bus and the computer's disk storage devices
  • C. A "plug-and-play" interface, which allows a device to be added without an adapter card and without rebooting the computer
  • D. A point-to-point serial bi-directional interface for transmitting data between computer devices at data rates of up to 4 Gbps


Answer : A

The status of the network interface cards (NICs) connected to a system gives information about whether the system is connected to a wireless access point and what IP address is being used.
Which command displays the network configuration of the NICs on the system?

  • A. ipconfig /all
  • B. netstat
  • C. net session
  • D. tasklist


Answer : A

Which Is a Linux journaling file system?

  • A. Ext3
  • B. HFS
  • C. FAT
  • D. BFS


Answer : A

Which of the following steganography types hides the secret message in a specifically designed pattern on the document that is unclear to the average reader?

  • A. Open code steganography
  • B. Visual semagrams steganography
  • C. Text semagrams steganography
  • D. Technical steganography


Answer : A

Web applications provide an Interface between end users and web servers through a set of web pages that are generated at the server-end or contain script code to be executed dynamically within the client Web browser.

  • A. True
  • B. False


Answer : A

Jason, a renowned forensic investigator, is investigating a network attack that resulted in the compromise of several systems in a reputed multinational's network. He started
Wireshark to capture the network traffic. Upon investigation, he found that the DNS packets travelling across the network belonged to a non-company configured IP. Which of the following attack Jason can infer from his findings?

  • A. DNS Poisoning
  • B. Cookie Poisoning Attack
  • C. DNS Redirection
  • D. Session poisoning


Answer : A

Which table is used to convert huge word lists (i .e. dictionary files and brute-force lists) into password hashes?

  • A. Rainbow tables
  • B. Hash tables
  • C. Master file tables
  • D. Database tables


Answer : A

Data acquisition system is a combination of tools or processes used to gather, analyze and record Information about some phenomenon. Different data acquisition system are used depends on the location, speed, cost. etc. Serial communication data acquisition system is used when the actual location of the data is at some distance from the computer. Which of the following communication standard is used in serial communication data acquisition system?

  • A. RS422
  • B. RS423
  • C. RS232
  • D. RS231


Answer : C

Which of the following statements is incorrect when preserving digital evidence?

  • A. Document the actions and changes that you observe in the monitor, computer, printer, or in other peripherals
  • B. Verily if the monitor is in on, off, or in sleep mode
  • C. Remove the power cable depending on the power state of the computer i.e., in on. off, or in sleep mode
  • D. Turn on the computer and extract Windows event viewer log files


Answer : D

Page:    1 / 12   
Exam contains 180 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy