312-49V8 Exam Questions

Wireless network discovery tools use two different methodologies to detect, monitor and log a WLAN device (i.e. active scanning and passive scanning). Active scanning methodology i...

Damaged portions of a disk on which no read/Write operation can be performed is known as ______________.

BMP (Bitmap) is a standard file format for computers running the Windows operating system. BMP images can range from black and white (1 bit per pixel) up to 24 bit color (16.7 mill...

What is the First Step required in preparing a computer for forensics investigation?

Network forensics can be defined as the sniffing, recording, acquisition and analysis of the network traffic and event logs in order to investigate a network security incident.

Which of the following commands shows you the names of all open shared files on a server and number of file locks on each file?

The Recycle Bin exists as a metaphor for throwing files away, but it also allows user to retrieve and restore files. Once the file is moved to the recycle bin, a record is added to...

Email archiving is a systematic approach to save and protect the data contained in emails so that it can be accessed fast at a later date. There are two main archive types, namely...

Which of the following email headers specifies an address for mailer-generated errors, like "no such user" bounce messages, to go to (instead of the sender's address)?

Which of the following commands shows you all of the network services running on Windows- based servers?

Email archiving is a systematic approach to save and protect the data contained in emails so that it can tie easily accessed at a later date.

Which of the following commands shows you the NetBIOS name table each?

Windows Security Accounts Manager (SAM) is a registry file which stores passwords in a hashed format. SAM file in Windows is located at:

FAT32 is a 32-bit version of FAT file system using smaller clusters and results in efficient storage capacity. What is the maximum drive size supported?

In which step of the computer forensics investigation methodology would you run MD5 checksum on the evidence?

Network forensics allows Investigators 10 inspect network traffic and logs to identify and locate the attack system Network forensics can reveal: (Select three answers)

Determine the message length from following hex viewer record:

TCP/IP (Transmission Control Protocol/Internet Protocol) is a communication protocol used to connect different hosts in the Internet. It contains four layers, namely the network in...

WPA2 provides enterprise and Wi-Fi users with stronger data protection and network access control which of the following encryption algorithm is used DVWPA2?

The disk in the disk drive rotates at high speed, and heads in the disk drive are used only to read data.

What is a bit-stream copy?

System software password cracking is defined as cracking the operating system and all other utilities that enable a computer to function

Which of the following Steganography techniques allows you to encode information that ensures creation of cover for secret communication?

Ron. a computer forensics expert, Is Investigating a case involving corporate espionage. He has recovered several mobile computing devices from the crime scene. One of the evidence...

Who is responsible for the following tasks? - Secure the scene and ensure that it is maintained In a secure state until the Forensic Team advises - Make notes about the scene that...

A system with a simple logging mechanism has not been given much attention during development, this system is now being targeted by attackers, if the attacker wants to perform a ne...

During the seizure of digital evidence, the suspect can be allowed touch the computer system.

Which of the following password cracking techniques works like a dictionary attack, but adds some numbers and symbols to the words from the dictionary and tries to crack the passwo...

Consistency in the investigative report is more important than the exact format in the report to eliminate uncertainty and confusion.

When dealing with the powered-off computers at the crime scene, if the computer is switched off, turn it on