EC-Council 312-49v11 Exam Practice Questions (P. 1)
- Full Access (302 questions)
- One Year of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #1
A suspect is accused of violating the acceptable use of computing resources, as he has visited adult websites and downloaded images. The investigator wants to demonstrate that the suspect did indeed visit these sites. However, the suspect has cleared the search history and emptied the cookie cache. Moreover, he has removed any images he might have downloaded. What can the investigator do to prove the violation?
- AImage the disk and try to recover deleted files
- BSeek the help of co-workers who are eye-witnesses
- CCheck the Windows registry for connection data (you may or may not recover)
- DApproach the website's administrator for evidence
send
light_mode
delete
Question #2
You have been asked to investigate the possibility of computer fraud in the finance department of a company. It is suspected that a staff member has been committing finance fraud by printing cheques that have not been authorized. You have exhaustively searched all data files on a bitmap image of the target computer, but have found no evidence. You suspect the files may not have been saved. What should you examine next in this case?
send
light_mode
delete
Question #3
Which of the following are small pieces of data sent from a website and stored on the user’s computer by the user’s web browser to track, validate, and maintain specific user information?
send
light_mode
delete
Question #4
Depending upon the jurisdictional areas, different laws apply to different incidents. Which of the following law is related to fraud and related activity in connection with computers?
send
light_mode
delete
Question #5
Data is striped at a byte level across multiple drives, and parity information is distributed among all member drives.
What RAID level is represented here?
What RAID level is represented here?
send
light_mode
delete
Question #6
Charles has accidentally deleted an important file while working on his Mac computer. He wants to recover the deleted file as it contains some of his crucial business secrets. Which of the following tool will help Charles?
send
light_mode
delete
Question #7
Jason discovered a file named $RIYG6VR.doc in the C:\$Recycle.Bin\<USER SID>\ while analyzing a hard disk image for the deleted data. What inferences can he make from the file name?
- AIt is a doc file deleted in seventh sequential order
- BRIYG6VR.doc is the name of the doc file deleted from the system
- CIt is file deleted from R drive
- DIt is a deleted doc file
send
light_mode
delete
Question #8
Which of the following attacks allows an attacker to access restricted directories, including application source code, configuration and critical system files, and to execute commands outside of the web server’s root directory?
- AParameter/form tampering
- BUnvalidated input
- CDirectory traversal
- DSecurity misconfiguration
send
light_mode
delete
Question #9
Annie is searching for certain deleted files on a system running Windows XP OS. Where will she find the files if they were not completely deleted from the system?
send
light_mode
delete
Question #10
Which of the following files stores information about a local Google Drive installation such as User email ID, Local Sync Root Path, and Client version installed?
send
light_mode
delete
All Pages