[2025年最新] 最高の試験312-49v11問題集は無料サイトの資料を試そう [Q520-Q544]

Share

[2025年最新] 最高の試験312-49v11問題集は無料サイトの資料を試そう

無料Certified Ethical Hacker 312-49v11オフィシャル認証ガイドPDFをダウンロード

質問 # 520
The given image displays information about date and time of installation of the OS along with service packs, patches, and sub-directories. What command or tool did the investigator use to view this output?

  • A. dir /o:s
  • B. dir /o:n
  • C. dir /o:e
  • D. dir /o:d

正解:D


質問 # 521
George is performing security analysis for Hammond and Sons LLC. He is testing security vulnerabilities of their wireless network. He plans on remaining as "stealthy" as possible during the scan. Why would a scanner like Nessus is not recommended in this situation?

  • A. There are no ways of performing a "stealthy" wireless scan
  • B. Nessus is not a network scanner
  • C. Nessus is too loud
  • D. Nessus cannot perform wireless testing

正解:C


質問 # 522
Jane, who holds the title of Computer Hacking Forensic Investigator, is knee-deep in a case of a system security breach in a vast global corporation. The breach may have started its trouble- making journey in another country. Jane is focusing on preserving and investigating digital evidence. Keeping in mind the fragile and volatile nature of digital evidence, what is the first step Jane should take in the process of investigation?

  • A. Contact local law enforcement in the country where the attack originated
  • B. Begin documenting all the traces and records of the attack in the system
  • C. Gather system data before an intruder can alter it
  • D. Notify all jurisdictions involved about the breach

正解:C


質問 # 523
Which response organization tracks hoaxes as well as viruses?

  • A. CIAC
  • B. CERT
  • C. NIPC
  • D. FEDCIRC

正解:A

解説:
Note: CIAC (Computer Incident Advisory Capability) Was run by the US Department of energy


質問 # 524
Task list command displays a list of applications and services with their Process ID (PID) for all tasks running on either a local or a remote computer. Which of the following task list commands provides information about the listed processes, including the image name, PID, name, and number of the session for the process?

  • A. tasklist/s
  • B. tasklist/V
  • C. tasklist/p
  • D. tasklist/u

正解:B


質問 # 525
Where is the default location for Apache access logs on a Linux computer?

  • A. bin/local/home/apache/logs/access_log
  • B. usr/logs/access_log
  • C. logs/usr/apache/access_log
  • D. usr/local/apache/logs/access_log

正解:D


質問 # 526
A security firm investigating an IoT-based cybercrime involving an Android smartwatch found on the crime scene. The smartwatch is suspected of capturing sensitive information such as PINs and passwords through motion sensors and GPS tracking. The paired smartphone is not available. Which of the following steps should the investigator undertake first to proceed with the forensics process effectively?

  • A. Generate forensic images of the evidence found on the crime scene
  • B. Identify APIs like Data API, Message API, and Node API on the smartwatch
  • C. Look for cloud data and mobile data linked to the smartwatch
  • D. Extract data from the smartwatch's memory before it gets volatile

正解:D


質問 # 527
An attack vector is a path or means by which an attacker can gain access to computer or network resources in order to deliver an attack payload or cause a malicious outcome.

  • A. False
  • B. True

正解:B


質問 # 528
Which of the following attacks refers to unintentional download of malicious software via the Internet? Here, an attacker exploits flaws in browser software to install malware merely by the user visiting the malicious website.

  • A. Phishing
  • B. Malvertising
  • C. Drive-by downloads
  • D. Internet relay chats

正解:C


質問 # 529
A sophisticated cyber-attack has targeted an organization, and the forensic team is called upon for incident response. Their assets are largely hosted on AWS, particularly using S3 and EC2 instances. As a forensic investigator, your first step to retaining valuable evidence in the EC2 instances is:

  • A. Immediately isolate the affected EC2 instances from the network to avoid data corruption
  • B. Create a snapshot of the EBS volume in the affected EC2 instance and share it with the forensic team for analysis
  • C. Retrieve and analyze log data from the affected EC2 instances
  • D. Encrypt all the data present in the EC2 instances to avoid further unauthorized access

正解:B


質問 # 530
In Linux OS, different log files hold different information, which help the investigators to analyze various issues during a security incident. What information can the investigators obtain from the log file var/log/dmesg?

  • A. Global system messages
  • B. Kernel ring buffer information
  • C. Debugging log messages
  • D. All mail server message logs

正解:B


質問 # 531
What is the purpose of using Obfuscator in malware?

  • A. Propagate malware to other connected devices
  • B. Avoid detection by security mechanisms
  • C. Execute malicious code in the system
  • D. Avoid encryption while passing through a VPN

正解:B


質問 # 532
What is the name of the first reserved sector in File allocation table?

  • A. Volume Boot Record
  • B. BIOS Parameter Block
  • C. Partition Boot Sector
  • D. Master Boot Record

正解:D


質問 # 533
____________________ is simply the application of Computer Investigation and analysis techniques in the interests of determining potential legal evidence.

  • A. Network Forensics
  • B. Incident Response
  • C. Event Reaction
  • D. Computer Forensics

正解:D


質問 # 534
What document does the screenshot represent?

  • A. Expert witness form
  • B. Chain of custody form
  • C. Search warrant form
  • D. Evidence collection form

正解:B


質問 # 535
You are the security analyst working for a private company out of France. Your current assignment is to obtain credit card information from a Swiss bank owned by that company. After initial reconnaissance, you discover that the bank security defenses are very strong and would take too long to penetrate. You decide to get the information by monitoring the traffic between the bank and one of its subsidiaries in London. After monitoring some of the traffic, you see a lot of FTP packets traveling back and forth. You want to sniff the traffic and extract usernames and passwords. What tool could you use to get this information?

  • A. RaidSniff
  • B. Airsnort
  • C. Snort
  • D. Ettercap

正解:D


質問 # 536
Which of the following tool creates a bit-by-bit image of an evidence media?

  • A. FileMerlin
  • B. Xplico
  • C. Recuva
  • D. AccessData FTK Imager

正解:D


質問 # 537
You are a security analyst performing reconnaissance on a company you will be carrying out a penetration test for. You conduct a search for IT jobs on Dice.com and find the following information for an open position:
- 7+ years experience in Windows Server environment
- 5+ years experience in Exchange 2000/2003 environment
- Experience with Cisco Pix Firewall, Linksys 1376 router, Oracle 11i and MYOB v3.4.
Accounting software are required MCSA desired, MCSE, CEH preferred. No Unix/Linux Experience needed.
What is this information posted on the job website considered?

  • A. Information vulnerability
  • B. Social engineering exploit
  • C. Competitive exploit
  • D. Trade secret

正解:A


質問 # 538
An experienced forensic investigator, Chris, is tasked with preparing a testbed for malware analysis. Given the complexity of the malware samples, which are mostly compatible with Windows binary executables, Chris must take meticulous precautions to ensure the integrity of the lab environment. Which of the following procedures would Chris NOT be likely to follow in preparing the testbed for malware analysis?

  • A. Installing a guest OS such as Ubuntu in virtual machines will serve as forensic workstations
  • B. Creating a snapshot of the virtual machine state prior to malware analysis for easy reversion in case of accidental system corruption
  • C. Using tools such as INetSim to simulate internet services while ensuring that the NIC card is in
    "host only" mode
  • D. Enabling shared folders and guest isolation allows easy data transfer between host and guest operating systems

正解:D


質問 # 539
An investigator has been tasked to analyze a suspicious executable file potentially containing malware. She uses a static analysis method to examine the file. Which step below should she NOT include as part of her static malware analysis process?

  • A. Searching for embedded strings in the binary code to infer the functionality
  • B. Comparing the hash value of the file with online malware databases for recognition
  • C. Running the executable in a sandboxed environment to observe its behavior
  • D. Conducting a file fingerprinting on the binary code to determine its function

正解:C


質問 # 540
Which of the following statements is incorrect when preserving digital evidence?

  • A. Remove the plug from the power router or modem
  • B. Turn on the computer and extract Windows event viewer log files
  • C. Verify if the monitor is in on, off, or in sleep mode
  • D. Document the actions and changes that you observe in the monitor, computer, printer, or in other peripherals

正解:B


質問 # 541
For what purpose do the investigators use tools like iPhoneBrowser, iFunBox, OpenSSHSSH, and iMazing?

  • A. Rooting iPhone
  • B. Debugging iPhone
  • C. Bypassing iPhone passcode
  • D. Copying contents of iPhone

正解:C


質問 # 542
When installed on a Windows machine, which port does the Tor browser use to establish a network connection via Tor nodes?

  • A. 49667/49668
  • B. 9150/9151
  • C. 0
  • D. 49664/49665

正解:B


質問 # 543
NTFS has reduced slack space than FAT, thus having lesser potential to hide data in the slack space. This is because:

  • A. FAT is an older and inefficient file system
  • B. NTFS is a journaling file system
  • C. NTFS has lower cluster size space
  • D. FAT does not index files

正解:C


質問 # 544
......

EC-COUNCIL 312-49v11オフィシャル認証ガイドPDF:https://jp.fast2test.com/312-49v11-premium-file.html

試験312-49v11のComputer Hacking Forensic Investigator (CHFI-v11)の問題集にはここにある:https://drive.google.com/open?id=1z1jG4_36dos-q10QcrsFokZELY5wBcCd


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어