EC-COUNCIL 312-49v11 Exam Dumps - PDF Questions and Testing Engine
Latest 312-49v11 Exam Dumps for Pass Guaranteed
NEW QUESTION # 276
Click on the Exhibit Button. Paulette works for an IT security consulting company that is currently performing an audit for the firm ACE Unlimited. Paulette's duties include logging on to all the company's network equipment to ensure IOS versions are up-to-date and all the other security settings are as stringent as possible. Paulette presents the following screenshot to her boss so he can inform the client about necessary changes need to be made. From the screenshot, what changes should the client company make?
- A. The banner should not state "only authorized IT personnel may proceed"
- B. The banner should have more detail on the version numbers for the networkeQuipment
- C. The banner should include the Cisco tech support contact information as well
- D. Remove any identifying numbers, names, or version information
Answer: D
NEW QUESTION # 277
You are trying to locate Microsoft Outlook Web Access Default Portal using Google search on the Internet. What search string will you use to locate them?
- A. allinurl:"exchange/logon.asp"
- B. locate:"logon page"
- C. outlook:"search"
- D. intitle:"exchange server"
Answer: A
NEW QUESTION # 278
In Java, when multiple applications are launched, multiple Dalvik Virtual Machine instances occur that consume memory and time. To avoid that. Android Implements a process that enables low memory consumption and quick start-up time. What is the process called?
- A. Media server
- B. Daemon
- C. Zygote
- D. init
Answer: C
NEW QUESTION # 279
Shane, a forensic specialist, is investigating an ongoing attack on a MySQL database server hosted on a Windows machine with SID "WIN-ABCDE12345F." Which of the following log file will help Shane in tracking all the client connections and activities performed on the database server?
- A. WIN-ABCDE12345F.pid
- B. WIN-ABCDE12345F.log
- C. WIN-ABCDE12345F.err
- D. WIN-ABCDE12345F-bin.n
Answer: B
NEW QUESTION # 280
Which root folder (hive) of registry editor contains a vast array of configuration information for the system, including hardware settings and software settings?
- A. HKEY_LOCAL_MACHINE
- B. HKEY_CURRENT_USER
- C. HKEY_USERS
- D. HKEY-CURRENT_CONFIG
Answer: A
NEW QUESTION # 281
What system details can an investigator obtain from the NetBIOS name table cache?
- A. List of the system present on a router
- B. List of connections made to other systems
- C. List of files shared between the connected systems
- D. List of files opened on other systems
Answer: B
NEW QUESTION # 282
A cybersecurity forensic investigator analyzes log files to investigate an SQL Injection attack.
While going through the Apache across.log, they come across a GET request from the IP
10.0.0.19 containing an encoded query string:
GET /sqli/examplel.php?name=root' UniON SeLeCT 1,table_name,3,4,5 From
information_schema.tables where Table_Schema=DatabasE() limit 1,2---
What is the intention behind the attacker's query?
- A. To bypass the website's authentication mechanism and view all user details
- B. To erase the data in the specific tables of the database
- C. To manipulate the order of the columns in the database
- D. To retrieve the names of the tables in the database
Answer: D
NEW QUESTION # 283
Which of the following statements pertaining to First Response is true?
- A. First Response is a part of the investigation phase
- B. First Response is a part of the pre-investigation phase
- C. First Response is a part of the post-investigation phase
- D. First Response is neither a part of pre-investigation phase nor a part of investigation phase. It only involves attending to a crime scene first and taking measures that assist forensic investigators in executing their tasks in the investigation phase more efficiently
Answer: A
NEW QUESTION # 284
Which of the following file in Novel GroupWise stores information about user accounts?
- A. PRIV.STM
- B. gwcheck.db
- C. PRIV.EDB
- D. ngwguard.db
Answer: D
NEW QUESTION # 285
A company has been receiving unsolicited commercial emails from an unknown source promoting a third-party product. The email contains false header information and is not identified as an advertisement. The emails are being sent to addresses that are generated through a dictionary attack. As a Computer Hacking Forensics Investigator, which violations of the CAN-SPAM Act are present in this scenario?
- A. Using false or misleading header information and not identifying the commercial email as an ad only
- B. Using false or misleading header information, not identifying the commercial email as an ad. and violating the prohibition against dictionary attacks
- C. Violating the prohibition against dictionary attacks and not identifying the commercial email as an ad only
- D. Using false or misleading header information and violating the prohibition against dictionary attacks only
Answer: B
NEW QUESTION # 286
A CHFI has been asked to recover browser history from a seized Microsoft Edge browser on a Windows system. This is important to pinpoint the suspect's online activities. The suspect was known to clear their browser history frequently. Which tool and path would most efficiently recover the required data?
- A. MZCacheView tool; Path: C:\UsersWAppData\Local\Mozilla\Firefox\Profiles\XXXXXXXX.default\cache2
- B. Browsing HistoryView tool; Path: C:\Users\Admin\AppData\Local\Microsoft\Windows\History
- C. Browsing HistoryView tool; Path: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache
- D. MZHistoryView tool; Path: C:\UsersWAppData\Roaming\Mozilla\Firefox\Profiles\XXXXXXXX.default\places.sqlite
Answer: C
NEW QUESTION # 287
When needing to search for a website that is no longer present on the Internet today but was online few years back, what site can be used to view the website collection of pages?
- A. Proxify.net
- B. Samspade.org
- C. Dnsstuff.com
- D. Archive.org
Answer: D
NEW QUESTION # 288
Given the drive dimensions as follows and assuming a sector has 512 bytes, what is the capacity of the described hard drive?
22,164 cylinders/disk
80 heads/cylinder
63 sectors/track
- A. 53.26 GB
- B. 10 GB
- C. 57.19 GB
- D. 11.17 GB
Answer: A
NEW QUESTION # 289
As a Computer Hacking Forensics Investigator, you have been tasked with examining a suspicious.E01 disk image file using The Sleuth Kit (TSK). You need to display the metadata structure of an inode but also want to show the addresses of its disk units. Which TSK command would best serve this purpose?
- A. img_stat [-i imgtype] [-b dev_sector_size] [-tvV] image [images]
- B. istat [-B num ] [-f fstype ] [-i imgtype] [-o imgoffset] [-b dev_sector_size] [-vV] [-z zone ] [-s seconds ] image [images] inode
- C. fsstat [-f fstype ] [-i imgtype] [-o imgoffset] [-b dev_sector_size] [-tvV] image [images]
- D. fls [-adDFIpruvV] [-m mnt ] [-z zone ] [-f fstype ] [-s seconds ] [-i imgtype ] [-o imgoffset ] [-b dev_sector_size] image [images] [ inode]
Answer: B
NEW QUESTION # 290
A computer forensic report is a report which provides detailed information on the complete forensics investigation process.
- A. False
- B. True
Answer: B
NEW QUESTION # 291
Which of these Windows utility help you to repair logical file system errors?
- A. Disk cleanup
- B. CHKDSK
- C. Disk defragmenter
- D. Resource Monitor
Answer: B
NEW QUESTION # 292
What type of attack sends spoofed UDP packets (instead of ping packets) with a fake source address to the IP broadcast address of a large network?
- A. Teardrop
- B. Fraggle
- C. SYN flood
- D. Smurf scan
Answer: B
NEW QUESTION # 293
Which of the following attack uses HTML tags like <script></script>?
- A. Spam
- B. XSS attack
- C. Phishing
- D. SQL injection
Answer: B
NEW QUESTION # 294
In Microsoft file structures, sectors are grouped together to form:
- A. Clusters
- B. Drives
- C. Partitions
- D. Bitstreams
Answer: A
NEW QUESTION # 295
Which among the following laws emphasizes the need for each Federal agency to develop, document, and implement an organization-wide program to provide information security for the information systems that support its operations and assets?
- A. GLBA
- B. HIPAA
- C. FISMA
- D. SOX
Answer: C
NEW QUESTION # 296
Gary, a computer technician, is facing allegations of abusing children online by befriending them and sending them illicit adult images from his office computer. What type of investigation does this case require?
- A. Civil Investigation
- B. Administrative Investigation
- C. Criminal Investigation
- D. Both Criminal and Administrative Investigation
Answer: C
NEW QUESTION # 297
Rusty, a computer forensics apprentice, uses the command nbtstat -c while analyzing the network information in a suspect system. What information is he looking for?
- A. Status of the network carrier
- B. Contents of the network routing table
- C. Contents of the NetBIOS name cache
- D. Network connections
Answer: C
NEW QUESTION # 298
......
Reliable Certified Ethical Hacker 312-49v11 Dumps PDF Jan 30, 2026 Recently Updated Questions: https://www.easy4engine.com/312-49v11-test-engine.html
Pass Your EC-COUNCIL 312-49v11 Exam with Correct 1006 Questions and Answers: https://drive.google.com/open?id=1kfV9PNRwO5KFm4I5RtnMzG5TLkdPOYnu

