Pass the ECCouncil CHFIv9 312-49v9 Questions and answers with ExamsMirror

Jessica works as systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Jessica going to perform?

Which of the following should a computer forensics lab used for investigations have?

The efforts to obtain information before a trail by demanding documents, depositions, questioned and answers written under oath, written requests for admissions of fact and examination of the scene is a description of what legal term?

You are trying to locate Microsoft Outlook Web Access Default Portal using Google search on the Internet. What search string will you use to locate them?

When monitoring for both intrusion and security events between multiple computers, it is essential that the computers' clocks are synchronized. Synchronized time allows an administrator to reconstruct what took place during an attack against multiple computers. Without synchronized time, it is very difficult to determine exactly when specific events took place, and how events interlace. What is the name of the service used to synchronize time among multiple computers?

What method of computer forensics will allow you to trace all ever-established user accounts on a Windows 2000 sever the course of its lifetime?

Bob has been trying to penetrate a remote production system for the past two weeks. This time however, he is able to get into the system. He was able to use the System for a period of three weeks. However, law enforcement agencies were recoding his every activity and this was later presented as evidence.

The organization had used a Virtual Environment to trap Bob. What is a Virtual Environment?

The police believe that Melvin Matthew has been obtaining unauthorized access to computers belonging to numerous computer software and computer operating systems manufacturers, cellular telephone manufacturers, Internet Service Providers and Educational Institutions. They also suspect that he has been stealing, copying and misappropriating proprietary computer software belonging to the several victim companies. What is preventing the police from breaking down the suspects door and searching his home and seizing all of his computer equipment if they have not yet obtained a warrant?

The ____________________ refers to handing over the results of private investigations to the authorities because of indications of criminal activity.

Lance wants to place a honeypot on his network. Which of the following would be your recommendations?

After undergoing an external IT audit, George realizes his network is vulnerable to DDoS attacks.

What countermeasures could he take to prevent DDoS attacks?

What operating system would respond to the following command?

What header field in the TCP/IP protocol stack involves the hacker exploit known as the Ping of Death?

Preparing an image drive to copy files to is the first step in Linux forensics. For this purpose, what would the following command accomplish?

dcfldd if=/dev/zero of=/dev/hda bs=4096 conv=noerror, sync

Which of the following techniques can be used to beat steganography?