Spring Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
ECCouncil
ECSA
412-79
EC-Council Certified Security Analyst (ECSA) Questions and Answers

Pass the ECCouncil ECSA 412-79 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam 412-79 Premium Access

View all detail and faqs for the 412-79 exam

Go to Exam

709 Students Passed

86% Average Score

96% Same Questions

Viewing page 7 out of 7 pages

Viewing questions 61-70 out of questions

Questions # 61:

When you carve an image, recovering the image depends on which of the following skills?

Options:

Recognizing the pattern of the header content

Recovering the image from a tape backup

Recognizing the pattern of a corrupt file

Recovering the image from the tape backup

Answer

Questions # 62:

In a computer forensics investigation, what describes the route that evidence takes from the time you find it until the case is closed or goes to court?

Options:

rules of evidence

law of probability

chain of custody

policy of separation

Answer

Questions # 63:

In General, ______________ Involves the investigation of data that can be retrieved from the hard disk or other disks of a computer by applying scientific methods to retrieve the datA.

Options:

Network Forensics

Data Recovery

Disaster Recovery

Computer Forensics

Answer

Questions # 64:

Paula works as the primary help desk contact for her company.Paula has just received a call from a user reporting that his computer just displayed a Blue Screen of Death screen and he can no longer work.Paula

walks over to the user‟s computer and sees the Blue Screen of Death screen.The user‟s computer is running

Windows XP, but the Blue Screen looks like a familiar one that Paula had seen on Windows 2000 computers periodically. The user said he stepped away from his computer for only 15 minutes and when he got back, the Blue Screen was there.Paula also noticed that the hard drive activity light was flashing, meaning that the computer was processing something.Paula knew this should not be the case since the computer should be completely frozen during a Blue Screen. She checks the network IDS live log entries and notices numerous nmap scan alerts.

What is Paula seeing happen on this computer?

Options:

Paula‟s network was scanned using Floppyscan

There was IRQ conflict in Paula‟s PC

Paula‟s network was scanned using Dumpsec

Tools like Nessus will cause BSOD

Answer

Questions # 65:

What does the acronym POST mean as it relates to a PC?

Options:

Primary Operations Short Test

Power On Self Test

Pre Operational Situation Test

Primary Operating System Test

Answer

Questions # 66:

The MD5 program is used to:

Options:

wipe magnetic media before recycling it

make directories on a evidence disk

view graphics files on an evidence drive

verify that a disk is not altered when you examine it

Answer

Questions # 67:

An employee is attempting to wipe out data stored on a couple of compact discs (CDs) and digital video discs (DVDs) by using a large magnet. You inform him that this method will not be effective in wiping out the data because CDs and DVDs are ______________ media used to store large amounts of data and are not affected by the magnet.

Options:

logical

anti-magnetic

magnetic

optical

Answer

Questions # 68:

When examining a file with a Hex Editor, what space does the file header occupy?

Options:

the last several bytes of the file

the first several bytes of the file

none, file headers are contained in the FAT

one byte at the beginning of the file

Answer

Questions # 69:

What type of attack occurs when an attacker can force a router to stop forwarding packets by flooding the router with many open connections simultaneously so that all the hosts behind the router are effectively disabled?