Get Full Version of the Exam
http://www.EnsurePass.com/312-49v8.html
Question No.131
Which of the following commands shows you the username and IP address used to access the system via a remote login session and the Type of client from which they are accessing the system?
-
Net sessions
-
Net file
-
Net config
-
Net share
Correct Answer: A
Question No.132
Which of the following would you consider an aspect of organizational security, especially focusing on IT security?
-
Biometric information security
-
Security from frauds
-
Application security
-
Information copyright security
Correct Answer: C
Question No.133
Which one of the following is not a consideration in a forensic readiness planning checklist?
-
Define the business states that need digital evidence
-
Identify the potential evidence available
-
Decide the procedure for securely collecting the evidence that meets the requirement fn a forensically sound manner
-
Take permission from all employees of the organization
Correct Answer: D
Question No.134
Windows Security Accounts Manager (SAM) is a registry file which stores passwords in a hashed format. SAM file in Windows is located at:
-
C:\windows\system32\config\SAM
-
C:\windows\system32\con\SAM
-
C:\windows\system32\Boot\SAM
-
C:\windows\system32\drivers\SAM
Correct Answer: A
Question No.135
Cyber-crime is defined as any Illegal act involving a gun, ammunition, or its applications.
-
True
-
False
Correct Answer: B
Question No.136
Which of the following statements does not support the case assessment?
-
Review the case investigator#39;s request for service
-
Identify the legal authority for the forensic examination request
-
Do not document the chain of custody
-
Discuss whether other forensic processes need to be performed on the evidence
Correct Answer: C
Question No.137
Recovery of the deleted partition is the process by which the investigator evaluates and extracts the deleted partitions.
-
True
-
False
Correct Answer: A
Question No.138
In Windows 7 system files, which file reads the Boot.ini file and loads Ntoskrnl.exe. Bootvid.dll. Hal.dll, and boot-start device drivers?
-
Ntldr
-
Gdi32.dll
-
Kernel32.dll
-
Boot.in
Correct Answer: A
Question No.139
Which root folder (hive) of registry editor contains a vast array of configuration information for the system, including hardware settings and software settings?
-
HKEY_USERS
-
HKEY_CURRENT_USER
-
HKEY_LOCAL_MACHINE
-
HKEY-CURRENT_CONFIG
Correct Answer: C
Question No.140
During first responder procedure you should follow all laws while collecting the evidence, and contact a computer forensic examiner as soon as possible
-
True
-
False
Correct Answer: A
Get Full Version of the Exam
312-49v8 Dumps
312-49v8 VCE and PDF