CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-49V9

Free 312-49V9 Exam Braindumps (page: 10)

Page 10 of 122
PDF with 589 Questions

In Windows 7 system files, which file reads the Boot.ini file and loads Ntoskrnl.exe. Bootvid.dll. Hal.dll, and boot-start device drivers?

  1. Ntldr
  2. Gdi32.dll
  3. Kernel32.dll
  4. Boot.in

Answer(s): A



What is the "Best Evidence Rule"?

  1. It states that the court only allows the original evidence of a document, photograph, or recording at the trial rather than a copy
  2. It contains system time, logged-on user(s), open files, network information, process information, process-to-port mapping, process memory, clipboard contents, service/driver
    information, and command history
  3. It contains hidden files, slack space, swap file, index.dat files, unallocated clusters, unused partitions, hidden partitions, registry settings, and event logs
  4. It contains information such as open network connection, user logout, programs that reside in memory, and cache data

Answer(s): A



What is the First Step required in preparing a computer for forensics investigation?

  1. Do not turn the computer off or on, run any programs, or attempt to access data on a computer
  2. Secure any relevant media
  3. Suspend automated document destruction and recycling policies that may pertain to any relevant media or users at Issue
  4. Identify the type of data you are seeking, the Information you are looking for, and the urgency level of the examination

Answer(s): A



What is the smallest allocation unit of a hard disk?

  1. Cluster
  2. Spinning tracks
  3. Disk platters
  4. Slack space

Answer(s): A



Page 10 of 122



Post your Comments and Discuss EC-Council 312-49V9 exam with other Community members:

Olu commented on October 16, 2023
Question 235: 22,164 x 80 x 63 x 512 = 57.19 GB
UNITED STATES
upvote