312-49V9 Exam Questions

You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your product...

You are working on a thesis for your doctorate degree in Computer Science. Your thesis is based on HTML, DHTML, and other web-based languages and how they have evolved over the yea...

From the following spam mail header, identify the host IP that sent this spam? From [email protected] [email protected] Tue Nov 27 17:27:11 2001 Received: from viruswall.ie.c...

While presenting his case to the court, Simon calls many witnesses to the stand to testify. Simon decides to call Hillary Taft, a lay witness, to the stand. Since Hillary is a lay...

With the standard Linux second extended file system (Ext2fs), a file is deleted when the inode internal link count reaches ______

What does ICMP Type 3/Code 13 mean?

Under which Federal Statutes does FBI investigate for computer crimes involving e- mail scams and mail fraud?

Click on the Exhibit Button To test your website for vulnerabilities, you type in a Quotation mark (? for the username field. After you click Ok, you receive the following error me...

This organization maintains a database of hash signatures for known software

Paul's company is in the process of undergoing a complete security audit including logical and physical security testing. After all logical tests were performed; it is now time for...

Your company uses Cisco routers exclusively throughout the network. After securing the routers to the best of your knowledge, an outside security firm is brought in to assess the n...

To calculate the number of bytes on a disk, the formula is: CHS**

You setup SNMP in multiple offices of your company. Your SNMP software manager is not receiving data from other offices like it is for your main office. You suspect that firewall c...

You work as a penetration tester for Hammond Security Consultants. You are currently working on a contract for the state government of California. Your next step is to initiate a D...

Bill is the accounting manager for Grummon and Sons LLC in Chicago. On a regular basis, he needs to send PDF documents containing sensitive information through E-mail to his custom...

Madison is on trial for allegedly breaking into her university internal network. The police raided her dorm room and seized all of her computerMadison is on trial for allegedly bre...

What file structure database would you expect to find on floppy disks?

You have completed a forensic investigation case. You would like to destroy the data contained in various disks at the forensics lab due to sensitivity of the case. How would you p...

Before performing a logical or physical search of a drive in Encase, what must be added to the program?

You are working as Computer Forensics investigator and are called by the owner of an accounting firm to investigate possible computer abuse by one of the firm's employees. You meet...

Using Linux to carry out a forensics investigation, what would the following command accomplish? dd if=/usr/home/partition.image of=/dev/sdb2 bs=4096 conv=notrunc,noerror

While looking through the IIS log file of a web server, you find the following entries: What is evident from this log file?

When investigating a Windows System, it is important to view the contents of the page or swap file because:

You are assigned to work in the computer forensics lab of a state police agency. While working on a high profile criminal case, you have followed every applicable procedure, howeve...

Jason has set up a honeypot environment by creating a DMZ that has no physical or logical access to his production network. In this honeypot, he has placed a server running Windows...

Why is it a good idea to perform a penetration test from the inside?

What is a good security method to prevent unauthorized users from "tailgating"?

What are the security risks of running a "repair" installation for Windows XP?

You are running through a series of tests on your network to check for any security vulnerabilities. After normal working hours, you initiate a DoS attack against your external fir...

When an investigator contacts by telephone the domain administrator or controller listed by a whois lookup to request all e-mails sent and received for a user account be preserved,...

Which of the following filesystem is used by Mac OS X?

What will the following command accomplish? C:\> nmap -v -sS -Po 172.16.28.251 - data_length 66000 - packet_trace

When reviewing web logs, you see an entry for resource not found in the HTTP status code filed. What is the actual error code that you would see in the log for resource not found?

When a router receives an update for its routing table, what is the metric value change to that path?

What is considered a grant of a property right given to an individual who discovers or invents a new machine, process, useful composition of matter or manufacture?

Jessica works as systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Je...

You have used a newly released forensic investigation tool, which doesn't meet the Daubert Test, during a case. The case has ended-up in court. What argument could the defense make...

In handling computer-related incidents, which IT role should be responsible for recovery, containment, and prevention to constituents?

When obtaining a warrant it is important to:

A packet is sent to a router that does not have the packet destination address in its route table, how will the packet get to its properA packet is sent to a router that does not h...

An employee is suspected of stealing proprietary information belonging to your company that he had no rights to possess. The information was stored on the employee computer that wa...

Jones had been trying to penetrate a remote production system for the past two weeks. This time however, he is able to get into the system. He was able to use the system for a peri...

What TCP/UDP port does the toolkit program netstat use?

John is using Firewalk to test the security of his Cisco PIX firewall. He is also utilizing a sniffer located on a subnet that resides deep inside his network. After analyzing the...

After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, statefull firewall, NAT, IPSEC, and a packet filtering firewall. Sinc...

When you carve an image, recovering the image depends on which of the following skills?

When investigating a potential e-mail crime, what is your first step in the investigation?

When cataloging digital evidence, the primary goal is to

What should you do when approached by a reporter about a case that you are working on or have worked on?

What is the name of the standard Linux command that can be used to create bit-stream images?