Latest 312-49v11 Free Dumps - EC-COUNCIL Computer Hacking Forensic Investigator (CHFI-v11)
Which of the following is not correct when documenting an electronic crime scene?
Answer: D
You are working as an independent computer forensics investigator and received a call from a systems administrator for a local school system requesting your assistance. One of the students at the local high school is suspected of downloading inappropriate images from the Internet to a PC in the Computer Lab. When you arrive at the school, the systems administrator hands you a hard drive and tells you that he made a "simple backup copy" of the hard drive in the PC and put it on this drive and requests that you examine the drive for evidence of the suspected images.
You inform him that a "simple backup copy" will not provide deleted files or recover file fragments.
What type of copy do you need to make to ensure that the evidence found is complete and admissible in future proceedings?
Answer: A
In your role as a Computer Hacking Forensics Investigator, you're delving into a global cybercrime incident concerning unauthorized entry into a computer system. Your investigative findings indicate that a system operator from Italy orchestrated the crime. This individual took advantage of their role to improperly access the computer system of a business based in Germany. Both countries have laws related to data espionage and unauthorized system access.
The accused could be held liable under which laws?
Answer: D
Digital evidence is not fragile in nature.
Answer: B
A forensic investigator is analyzing a smartphone to gather crucial evidence. To fully understand the device's working and data flow, he needs to comprehend the various mobile architectural layers. While examining the device's frequency conversion, the investigator focuses on which of the following hardware components?
Answer: C
Lynne receives the following email:
Dear [email protected]!
We are sorry to inform you that your ID has been temporarily frozen due to incorrect or missing information saved at 2016/11/10 20:40:24
You have 24 hours to fix this problem or risk to be closed permanently!
To proceed Please Connect >> My Apple ID
Thank You
The link to My Apple ID shows http://byggarbetsplatsen.se/backup/signon/
What type of attack is this?
Answer: D
James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?
Answer: A
Which of the following attacks refers to unintentional download of malicious software via the Internet? Here, an attacker exploits flaws in browser software to install malware merely by the user visiting the malicious website.
Answer: A
Digital photography helps in correcting the perspective of the image which is used in taking the measurements of the evidence. Snapshots of the evidence and incident-prone areas need to be taken to help in the forensic process. Is digital photography accepted as evidence in a court of law?
Answer: B
One way to identify the presence of hidden partitions on a suspect's hard drive is to:
Answer: C
What happens to the header of the file once it is deleted from the Windows OS file systems?
Answer: C
A Computer Hacking Forensic Investigator is acquiring volatile data from a Linux-based suspect machine that they cannot physically access. They need to obtain a dump of the system's RAM remotely. Which of the following sequences of commands and tools should be utilized for a forensically sound extraction?
Answer: A
Damaged portions of a disk on which no read/write operation can be performed are known as ______________.
Answer: C
When examining a hard disk without a write-blocker, you should not start Windows because Windows will write data to the:
Answer: B
Microsoft Outlook maintains email messages in a proprietary format in what type of file?
Answer: C
A master boot record (MBR) is the first sector ("sector zero") of a data storage device. What is the size of MBR?
Answer: B
The evolution of web services and their increasing use in business offers new attack vectors in an application framework. Web services are based on XML protocols such as Web Services Definition Language (WSDL) for describing the connection points, Universal Description, Discovery, and Integration (UDDI) for the description and discovery of Web services, and Simple Object Access Protocol (SOAP) for communication between Web services that are vulnerable to various web application threats. Which of the following layers in the web services stack is vulnerable to fault code leaks?
Answer: B
Which of the following attacks uses HTML tags like <script></script>?
Answer: A