The latest EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 exam and earn EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 certification.
Exam Question 191
Which of the following is a record of the characteristics of a file system, including its size, the block size, the empty and the filled blocks and their respective counts, the size and location of the inode tables, the disk block map and usage information, and the size of the block groups?
A. Inode bitmap block
B. Superblock
C. Block bitmap block
D. Data block
Correct Answer:
B. Superblock
Exam Question 192
Which of the following refers to the process of the witness being questioned by the attorney who called the latter to the stand?
A. Witness Authentication
B. Direct Examination
C. Expert Witness
D. Cross Questioning
Correct Answer:
B. Direct Examination
Exam Question 193
Files stored in the Recycle Bin in its physical location are renamed as Dxy.ext, where “x” represents the ___________________.
A. Drive name
B. Original file name’s extension
C. Sequential number
D. Original file name
Correct Answer:
A. Drive name
Exam Question 194
Which of the following is an iOS Jailbreaking tool?
A. Kingo Android ROOT
B. Towelroot
C. One Click Root
D. Redsn0w
Correct Answer:
D. Redsn0w
Exam Question 195
Which of the following Registry components include offsets to other cells as well as the LastWrite time for the key?
A. Value list cell
B. Value cell
C. Key cell
D. Security descriptor cell
Correct Answer:
C. Key cell
Exam Question 196
Which file is a sequence of bytes organized into blocks understandable by the system’s linker?
A. executable file
B. source file
C. Object file
D. None of these
Correct Answer:
C. Object file
Exam Question 197
Smith, a forensic examiner, was analyzing a hard disk image to find and acquire deleted sensitive files. He stumbled upon a $Recycle.Bin folder in the root directory of the disk. Identify the operating system in use.
A. Windows 98
B. Linux
C. Windows 8.1
D. Windows XP
Correct Answer:
D. Windows XP
Exam Question 198
Which among the following files provides email header information in the Microsoft Exchange server?
A. gwcheck.db
B. PRIV.EDB
C. PUB.EDB
D. PRIV.STM
Correct Answer:
B. PRIV.EDB
Exam Question 199
Which of the following attacks allows an attacker to access restricted directories, including application source code, configuration and critical system files, and to execute commands outside of the web server’s root directory?
A. Parameter/form tampering
B. Unvalidated input
C. Directory traversal
D. Security misconfiguration
Correct Answer:
C. Directory traversal
Exam Question 200
What is the size value of a nibble?
A. 0.5 kilo byte
B. 0.5 bit
C. 0.5 byte
D. 2 bits
Correct Answer:
C. 0.5 byte