[Free] 2019(Nov) EnsurePass ECCouncil 312-49v8 Dumps with VCE and PDF 141-150

Get Full Version of the Exam

Question No.141

Data is striped at a byte level across multiple drives and parity information is distributed among all member drives. What RAID level is represented here?


  1. RAID Level 0

  2. RAID Level 1

  3. RAID Level 3

  4. RAID Level 5

Correct Answer: D

Question No.142

Windows Security Event Log contains records of login/logout activity or other security- related events specified by the system#39;s audit policy. What does event ID 531 in Windows Security Event Log indicates?

  1. A user successfully logged on to a computer

  2. The logon attempt was made with an unknown user name or a known user name with a bad password

  3. An attempt was made to log on with the user account outside of the allowed time

  4. A logon attempt was made using a disabled account

Correct Answer: D

Question No.143

In which step of the computer forensics investigation methodology would you run MD5 checksum on the evidence?

  1. Obtain search warrant

  2. Evaluate and secure the scene

  3. Collect the evidence

  4. Acquire the data

Correct Answer: D

Question No.144

JPEG is a commonly used method of compressing photographic Images. It uses a compression algorithm to minimize the size of the natural image, without affecting the quality of the image. The JPEG lossy algorithm divides the image in separate blocks of .

  1. 4×4 pixels

  2. 8×8 pixels

  3. 16×16 pixels

  4. 32×32 pixels

Correct Answer: B

Question No.145

SMTP (Simple Mail Transfer protocol) receives outgoing mail from clients and validates source and destination addresses, and also sends and receives emails to and from other SMTP servers.

  1. True

  2. False

Correct Answer: A

Question No.146

First response to an incident may involve three different groups of people, and each will have differing skills and need to carry out differing tasks based on the incident. Who is responsible for collecting, preserving, and packaging electronic evidence?

  1. System administrators

  2. Local managers or other non-forensic staff

  3. Forensic laboratory staff

  4. Lawyers

Correct Answer: C

Question No.147

Netstat is a tool for collecting Information regarding network connections. It provides a simple view of TCP and UDP connections, and their state and network traffic statistics. Which of the following commands shows you the TCP and UDP network connections, listening ports, and the identifiers?

  1. netstat -ano

  2. netstat -b

  3. netstat -r

  4. netstat -s

Correct Answer: A

Question No.148

What is the First Step required in preparing a computer for forensics investigation?

  1. Do not turn the computer off or on, run any programs, or attempt to access data on a computer

  2. Secure any relevant media

  3. Suspend automated document destruction and recycling policies that may pertain to any relevant media or users at Issue

  4. Identify the type of data you are seeking, the Information you are looking for, and the urgency level of the examination

Correct Answer: A

Question No.149

Which of the following Wi-Fi chalking methods refers to drawing symbols in public places to advertise open Wi-Fi networks?

  1. WarWalking

  2. WarFlying

  3. WarChalking

  4. WarDhving

Correct Answer: C

Question No.150

Ever-changing advancement or mobile devices increases the complexity of mobile device examinations. Which or the following is an appropriate action for the mobile forensic investigation?

  1. To avoid unwanted interaction with devices found on the scene, turn on any wireless interfaces such as Bluetooth and Wi-Fi radios

  2. Do not wear gloves while handling cell phone evidence to maintain integrity of physical evidence

  3. If the device#39;s display is ON. the screen#39;s contents should be photographed and, if necessary, recorded manually, capturing the time, service status, battery level, and other displayed icons

  4. If the phone is in a cradle or connected to a PC with a cable, then unplug the device from the computer

Correct Answer: C

Get Full Version of the Exam
312-49v8 Dumps
312-49v8 VCE and PDF