II0-001 Exam Questions

The following methods will detect or defeat hardware keylogging except:

Trojan Horse programs are capable of the following except

A method of countermeasure for trojan horse is which one of the following:

A firewall is an effective method of preventing trojan horse programs from contacting their master server.

Placing a sniffer on a network without the owner's permission is a ECPA Title III violation

Which of the following are characteristics of electronic Evidence?

What IP Traceback technique's basic idea is to have routers label a subset of transit packets with information about the router labeling router, thus enabling the receiver to recon...

Which is true regarding tracing Secure Socket Layer (SSL) and Transport Layer Security (TLS) connections?

Web anonymizers:

Why is it important to have at least a level 2 NTP server running in your environment?

An external audit of your systems provides:

A well documented chain of custody must include:

When introduced to a crime scene as an investigator you need to:

Keymappers are illegal in the following States in the U.S.:

Which of the following keymappers are the most difficult to detect by the subject of the monitoring?

The following are components of an IP Datagram header except:

An active traceback detects active network connections to a host.

The following are detective controls for a malicious attack except:

Footprinting is the process of accumulating data on a ... .. host system.

Host based intrusion devices traditionally analyze log files for:

Which of the following is a challenge for performing a Traceback?

Drive geometry refers to

A Syslog server provides:

Why is securing the crime scene critical in the earliest portions of the investigation in order to:

An open relay is a mail server configured to allow:

Which of the following are important to the investigator regarding logging:

Port 25 forgery involves:

Active shunting is the process in which an malicious attack is detected and the traffic is: