CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-49v10

Free 312-49v10 Exam Braindumps

You are assigned to work in the computer forensics lab of a state police agency. While working on a high pro le criminal case, you have followed every applicable procedure, however your boss is still concerned that the defense attorney might question whether evidence has been changed while at the lab.
What can you do to prove that the evidence is the same as it was when it rst entered the lab?

  1. make an MD5 hash of the evidence and compare it with the original MD5 hash that was taken when the evidence rst entered the lab
  2. make an MD5 hash of the evidence and compare it to the standard database developed by NIST
  3. there is no reason to worry about this possible claim because state labs are certi ed
  4. sign a statement attesting that the evidence is the same as it was when it entered the lab

Answer(s): A



Study the log given below and answer the following question:

Apr 24 14:46:46 [4663]: spp_portscan: portscan detected from 194.222.156.169 Apr 24 14:46:46 [4663]: IDS27/FIN Scan: 194.222.156.169:56693 -> 172.16.1.107:482 Apr 24 18:01:05 [4663]: IDS/DNS-version-query: 212.244.97.121:3485 -> 172.16.1.107:53 Apr 24 19:04:01 [4663]: IDS213/ftp-passwd-retrieval: 194.222.156.169:1425 -> 172.16.1.107:21 Apr 25 08:02:41 [5875]: spp_portscan: PORTSCAN DETECTED from 24.9.255.53
Apr 25 02:08:07 [5875]: IDS277/DNS-version-query: 63.226.81.13:4499 -> 172.16.1.107:53 Apr 25 02:08:07 [5875]: IDS277/DNS-version-query: 63.226.81.13:4630 -> 172.16.1.101:53 Apr 25 02:38:17 [5875]: IDS/RPC-rpcinfo-query: 212.251.1.94:642 -> 172.16.1.107:111 Apr 25 19:37:32 [5875]: IDS230/web-cgi-space-wildcard: 198.173.35.164:4221 -> 172.16.1.107:80 Apr 26 05:45:12 [6283]: IDS212/dns-zone-transfer: 38.31.107.87:2291 -> 172.16.1.101:53 Apr 26 06:43:05 [6283]: IDS181/nops-x86: 63.226.81.13:1351 -> 172.16.1.107:53 Apr 26 06:44:25 victim7 PAM_pwdb[12509]: (login) session opened for user simple by (uid=0) Apr 26 06:44:36 victim7 PAM_pwdb[12521]: (su) session opened for user simon by simple(uid=506) Apr 26 06:45:34 [6283]: IDS175/socks-probe: 24.112.167.35:20 -> 172.16.1.107:1080 Apr 26 06:52:10 [6283]: IDS127/telnet-login-incorrect: 172.16.1.107:23 -> 213.28.22.189:4558 Precautionary measures to prevent this attack would include writing rewall rules. Of these rewall rules, which among the following would be appropriate?

  1. Disallow UDP53 in from outside to DNS server
  2. Allow UDP53 in from DNS server to outside
  3. Disallow TCP53 in from secondaries or ISP server to DNS server
  4. Block all UDP tra c

Answer(s): A



When monitoring for both intrusion and security events between multiple computers, it is essential that the computers' clocks are synchronized. Synchronized time allows an administrator to reconstruct what took place during an attack against multiple computers. Without synchronized time, it is very di cult to determine exactly when speci c events took place, and how events interlace.
What is the name of the service used to synchronize time among multiple computers?

  1. Universal Time Set
  2. Network Time Protocol
  3. SyncTime Service
  4. Time-Sync Protocol

Answer(s): B



When investigating a potential e-mail crime, what is your rst step in the investigation?

  1. Trace the IP address to its origin
  2. Write a report
  3. Determine whether a crime was actually committed
  4. Recover the evidence

Answer(s): A






Post your Comments and Discuss EC-Council 312-49v10 exam with other Community members:

Yoyo commented on September 11, 2024
Is this legit
UNITED STATES
upvote

Emmah commented on July 29, 2023
are these valid chfi questions
KENYA
upvote

Christopher commented on September 05, 2022
the new versoin of this exam which i downloaded has all the latest questions from the exam. i only saw 3 new questions in the exam which was not in this dump.
CANADA
upvote

Aloke Paul commented on September 11, 2023
is this valid for chfiv9 as well... as i am reker 3rd time...
CHINA
upvote

pbn commented on December 27, 2023
is this valid ?
UNITED STATES
upvote

Aloke Paul commented on September 11, 2023
Is this valid for CHFIv9 as well... As I am reker 3rd time...
CHINA
upvote

Hurro commented on July 29, 2023
How valid are these
KENYA
upvote

Ian commented on July 29, 2023
Are they valid?
KENYA
upvote

Emmah commented on July 29, 2023
Are these valid CHFI questions
KENYA
upvote

Christopher commented on September 05, 2022
The new versoin of this exam which I downloaded has all the latest questions from the exam. I only saw 3 new questions in the exam which was not in this dump.
CANADA
upvote