
Pass the ECCouncil CHFIv9 312-49v9 Questions and answers with ExamsMirror

Viewing page 3 out of 12 pages
Viewing questions 31-45 out of questions
Questions # 31:

The Apache server saves diagnostic information and error messages that it encounters while processing requests. The default path of this file is usr/local/apache/logs/error.log in Linux. Identify the Apache error log from the following logs.

Options:

A.

http://victim.com/scripts/..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir+C:\Winnt\system32\Logfiles\W3SVC1

B.

[Wed Oct 11 14:32:52 2000] [error] [client 127.0.0.1] client denied by server configuration: /export/home/live/ap/htdocs/test

C.

127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 2326

D.

127.0.0.1 - - [10/Apr/2007:10:39:11 +0300] ] [error] "GET /apache_pb.gif HTTP/1.0" 200 2326

Questions # 32:

The given image displays information about the date and time of installation of the OS along with service packs, patches, and sub-directories. What command or tool did the investigator use to view this output?

[Image: Question # 32]

Options:

A.

dir /o:d

B.

dir /o:s

C.

dir /o:e

D.

dir /o:n

Questions # 33:

Which of the following file formats allows the user to compress the acquired data as well as keep it randomly accessible?

Options:

A.

Proprietary Format

B.

Generic Forensic Zip (gfzip)

C.

Advanced Forensic Framework 4

D.

Advanced Forensics Format (AFF)

Questions # 34:

Which of these ISO standards defines the file system for optical storage media, such as CD-ROM and DVD-ROM?

Options:

A.

ISO 9660

B.

ISO 13346

C.

ISO 9960

D.

ISO 13490

Questions # 35:

Andie, a network administrator, suspects unusual network services running on a Windows system. Which of the following commands should he use to verify unusual network services started on a Windows system?

Options:

A.

net serv

B.

netmgr

C.

lusrmgr

D.

net start

Questions # 36:

Analyze the hex representation of the mysql-bin.000013 file in the screenshot below. Which of the following will be an inference from this analysis?

[Image: Question # 36]

Options:

A.

A user with username bad_guy has logged into the WordPress web application

B.

A WordPress user has been created with the username anonymous_hacker

C.

An attacker with the name anonymous_hacker has replaced a user bad_guy in the WordPress database

D.

A WordPress user has been created with the username bad_guy

Questions # 37:

James is dealing with a case regarding a cybercrime that has taken place in Arizona, USA. James needs to lawfully seize the evidence from an electronic device without affecting the user's anonymity. Which of the following laws should he comply with before retrieving the evidence?

Options:

A.

First Amendment of the U.S. Constitution

B.

Fourth Amendment of the U.S. Constitution

C.

Third Amendment of the U.S. Constitution

D.

Fifth Amendment of the U.S. Constitution

Questions # 38:

Which of the following Android libraries are used to render 2D (SGL) or 3D (OpenGL/ES) graphics content to the screen?

Options:

A.

OpenGL/ES and SGL

B.

Surface Manager

C.

Media framework

D.

WebKit

Questions # 39:

Which of the following is NOT an anti-forensics technique?

Options:

A.

Data Deduplication

B.

Steganography

C.

Encryption

D.

Password Protection

Questions # 40:

Gill is a computer forensics investigator who has been called upon to examine a seized computer. This computer, according to the police, was used by a hacker who gained access to numerous banking institutions to steal customer information. After preliminary investigations, Gill finds in the computer’s log files that the hacker was able to gain access to these banks through the use of Trojan horses. The hacker then used these Trojan horses to obtain remote access to the companies’ domain controllers. From this point, Gill found that the hacker pulled the SAM files off the domain controllers and then attempted to crack network passwords. What is the most likely password cracking technique used by this hacker to break the user passwords from the SAM files?

Options:

A.

Syllable attack

B.

Hybrid attack

C.

Brute force attack

D.

Dictionary attack

Questions # 41:

Which of the following email headers specifies an address for mailer-generated errors, like "no such user" bounce messages, to go to (instead of the sender's address)?

Options:

A.

Mime-Version header

B.

Content-Type header

C.

Content-Transfer-Encoding header

D.

Errors-To header

Questions # 42:

Which of the following Linux commands searches through the current processes and lists the process IDs that match the selection criteria to stdout?

Options:

A.

pstree

B.

pgrep

C.

ps

D.

grep

Questions # 43:

Which of these Windows utilities helps you to repair logical file system errors?

Options:

A.

Resource Monitor

B.

Disk cleanup

C.

Disk defragmenter

D.

CHKDSK

Questions # 44:

Which of the following is non-zero data that an application allocates on a hard disk cluster in systems running on Windows OS?

Options:

A.

Sparse File

B.

Master File Table

C.

Meta Block Group

D.

Slack Space

Questions # 45:

Identify the file system that uses the $BitMap file to keep track of all used and unused clusters on a volume.

Options:

A.

NTFS

B.

FAT

C.

EXT

D.

FAT32
