CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-49V9

Free 312-49V9 Exam Braindumps (page: 63)

Page 63 of 122
PDF with 589 Questions

What file is processed at the end of a Windows XP boot to initialize the logon dialog box?

  1. NTOSKRNL.EXE
  2. NTLDR
  3. LSASS.EXE
  4. NTDETECT.COM

Answer(s): C



An investigator is searching through the firewall logs of a company and notices ICMP packets that are larger than 65, 536 bytes. What type of activity is the investigator seeing?

  1. Smurf
  2. Ping of death
  3. Fraggle
  4. Nmap scan

Answer(s): B



In the context of file deletion process, which of the following statement holds true?

  1. When files are deleted, the data is overwritten and the cluster marked as available
  2. The longer a disk is in use, the less likely it is that deleted files will be overwritten
  3. While booting, the machine may create temporary files that can delete evidence
  4. Secure delete programs work by completely overwriting the file in one go

Answer(s): C



What advantage does the tool Evidor have over the built-in Windows search?

  1. It can find deleted files even after they have been physically removed
  2. It can find bad sectors on the hard drive
  3. It can search slack space
  4. It can find files hidden within ADS

Answer(s): C



Page 63 of 122



Post your Comments and Discuss EC-Council 312-49V9 exam with other Community members:

Olu commented on October 16, 2023
Question 235: 22,164 x 80 x 63 x 512 = 57.19 GB
UNITED STATES
upvote