CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-49

Free 312-49 Exam Braindumps (page: 13)

Page 12 of 133
PDF with 531 Questions

If you see the files Zer0.tar.gz and copy.tar.gz on a Linux system while doing an investigation, what can you conclude?

  1. The system files have been copied by a remote attacker
  2. The system administrator has created an incremental backup
  3. The system has been compromised using a t0rnrootkit
  4. Nothing in particular as these can be operational files

Answer(s): D



From the following spam mail header, identify the host IP that sent this spam?

From jie02@netvigator.com jie02@netvigator.com Tue Nov 27 17:27:11 2001
Received: from viruswall.ie.cuhk.edu.hk (viruswall [137.189.96.52]) by eng.ie.cuhk.edu.hk
(8.11.6/8.11.6) with ESMTP id
fAR9RAP23061 for ; Tue, 27 Nov 2001 17:27:10 +0800 (HKT)
Received: from mydomain.com (pcd249020.netvigator.com [203.218.39.20]) by
viruswall.ie.cuhk.edu.hk (8.12.1/8.12.1)
with SMTP id fAR9QXwZ018431 for ; Tue, 27 Nov 2001 17:26:36 +0800 (HKT)
Message-Id: >200111270926.fAR9QXwZ018431@viruswall.ie.cuhk.edu.hk
From: "china hotel web"
To: "Shlam"
Subject: SHANGHAI (HILTON HOTEL) PACKAGE
Date: Tue, 27 Nov 2001 17:25:58 +0800 MIME-Version: 1.0
X-Priority: 3 X-MSMail-
Priority: Normal
Reply-To: "china hotel web"

  1. 137.189.96.52
  2. 8.12.1.0
  3. 203.218.39.20
  4. 203.218.39.50

Answer(s): C



If you plan to startup a suspect's computer, you must modify the_________ to ensure that you do not contaminate or alter data on the suspect's hard drive by booting to the hard drive.

  1. deltree command
  2. CMOS
  3. Boot.sys
  4. Scandisk utility

Answer(s): C



You are working for a local police department that services a population of 1,000,000 people and you have been given the task of building a computer forensics lab. How many law-enforcement computer investigators should you request to staff the lab?

  1. 8
  2. 1
  3. 4
  4. 2

Answer(s): C






Post your Comments and Discuss EC-Council 312-49 exam with other Community members:

312-49 Discussions & Posts