EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 Exam Questions and Answers – Page 2

The latest EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 exam and earn EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 certification.

EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 Exam Questions and Answers
EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 Exam Questions and Answers

Exam Question 101

What will the following URL produce in an unpatched IIS Web Server?
http://www.thetargetsite.com/scripts/..% co%af../..%co%af../windows/system32/cmd.exe?/c+dir+c:\

A. Directory listing of C: drive on the web server
B. Insert a Trojan horse into the C: drive of the web server
C. Execute a buffer flow in the C: drive of the web server
D. Directory listing of the C:\windows\system32 folder on the web server

Correct Answer:
A. Directory listing of C: drive on the web server

Exam Question 102

Harold is a security analyst who has just run the rdisk /s command to grab the backup SAM files on a computer. Where should Harold navigate on the computer to find the file?

A. %systemroot%\system32\LSA
B. %systemroot%\system32\drivers\etc
C. %systemroot%\repair
D. %systemroot%\LSA

Correct Answer:
C. %systemroot%\repair

Exam Question 103

When setting up a wireless network with multiple access points, why is it important to set each access point on a different channel?

A. Multiple access points can be set up on the same channel without any issues
B. Avoid over-saturation of wireless signals
C. So that the access points will work on different frequencies
D. Avoid cross talk

Correct Answer:
D. Avoid cross talk

Exam Question 104

You are running through a series of tests on your network to check for any security vulnerabilities.
After normal working hours, you initiate a DoS attack against your external firewall. The firewall Quickly freezes up and becomes unusable. You then initiate an FTP connection from an external IP into your internal network. The connection is successful even though you have FTP blocked at the external firewall.
What has happened?

A. The firewall failed-bypass
B. The firewall failed-closed
C. The firewall ACL has been purged
D. The firewall failed-open

Correct Answer:
D. The firewall failed-open

Exam Question 105

You just passed your ECSA exam and are about to start your first consulting job running security audits for a financial institution in Los Angeles. The IT manager of the company you will be working for tries to see if you remember your ECSA class. He asks about the methodology you will be using to test the company’s network. How would you answer?

A. Microsoft Methodology
B. Google Methodology
C. IBM Methodology
D. LPT Methodology

Correct Answer:
D. LPT Methodology

Exam Question 106

Jason has set up a honeypot environment by creating a DMZ that has no physical or logical access to his production network. In this honeypot, he has placed a server running Windows Active Directory. He has also placed a Web server in the DMZ that services a number of web pages that offer visitors a chance to download sensitive information by clicking on a button. A week later, Jason finds in his network logs how an intruder accessed the honeypot and downloaded sensitive information. Jason uses the logs to try and prosecute the intruder for stealing sensitive corporate information. Why will this not be viable?

A. Entrapment
B. Enticement
C. Intruding into a honeypot is not illegal
D. Intruding into a DMZ is not illegal

Correct Answer:
A. Entrapment

Exam Question 107

You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using ldp.exe. What are you trying to accomplish here?

A. Poison the DNS records with false records
B. Enumerate MX and A records from DNS
C. Establish a remote connection to the Domain Controller
D. Enumerate domain user accounts and built-in groups

Correct Answer:
D. Enumerate domain user accounts and built-in groups

Exam Question 108

What are the security risks of running a “repair” installation for Windows XP?

A. Pressing Shift+F10gives the user administrative rights
B. Pressing Shift+F1gives the user administrative rights
C. Pressing Ctrl+F10 gives the user administrative rights
D. There are no security risks when running the “repair” installation for Windows XP

Correct Answer:
A. Pressing Shift+F10gives the user administrative rights

Exam Question 109

The objective of this act was to protect consumers’ personal financial information held by financial institutions and their service providers.

A. Gramm-Leach-Bliley Act
B. Sarbanes-Oxley 2002
C. California SB 1386
D. HIPAA

Correct Answer:
A. Gramm-Leach-Bliley Act

Exam Question 110

Why is it a good idea to perform a penetration test from the inside?

A. It is never a good idea to perform a penetration test from the inside
B. Because 70% of attacks are from inside the organization
C. To attack a network from a hacker’s perspective
D. It is easier to hack from the inside

Correct Answer:
B. Because 70% of attacks are from inside the organization