The latest EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 exam and earn EC-Council Computer Hacking Forensic Investigator CHFI EC0 312-49 certification.
Exam Question 171
Which of the following is a list of recently used programs or opened files?
A. Most Recently Used (MRU)
B. Recently Used Programs (RUP)
C. Master File Table (MFT)
D. GUID Partition Table (GPT)
Correct Answer:
A. Most Recently Used (MRU)
Exam Question 172
Which of the following tasks DOES NOT come under the investigation phase of a cybercrime forensics investigation case?
A. Data collection
B. Secure the evidence
C. First response
D. Data analysis
Correct Answer:
C. First response
Exam Question 173
Which of the following file contains the traces of the applications installed, run, or uninstalled from a system?
A. Shortcut Files
B. Virtual files
C. Prefetch Files
D. Image Files
Correct Answer:
A. Shortcut Files
Exam Question 174
Which password cracking technique uses details such as length of password, character sets used to construct the password, etc.?
A. Dictionary attack
B. Brute force attack
C. Rule-based attack
D. Man in the middle attack
Correct Answer:
A. Dictionary attack
Exam Question 175
Which US law does the interstate or international transportation and receiving of child pornography fall under?
A. §18. U.S.C. 1466A
B. §18. U.S.C 252
C. §18. U.S.C 146A
D. §18. U.S.C 2252
Correct Answer:
D. §18. U.S.C 2252
Exam Question 176
Which network attack is described by the following statement?
“At least five Russian major banks came under a continuous hacker attack, although online client services were not disrupted. The attack came from a wide-scale botnet involving at least 24,000 computers, located in 30 countries.”
A. DDoS
B. Sniffer Attack
C. Buffer Overflow
D. Man-in-the-Middle Attack
Correct Answer:
A. DDoS
Exam Question 177
Which of the following tool captures and allows you to interactively browse the traffic on a network?
A. Security Task Manager
B. Wireshark
C. ThumbsDisplay
D. RegScanner
Correct Answer:
B. Wireshark
Exam Question 178
Which of the following standard represents a legal precedent sent in 1993 by the Supreme Court of the United States regarding the admissibility of expert witnesses’ testimony during federal legal proceedings?
A. IOCE
B. SWGDE & SWGIT
C. Frye
D. Daubert
Correct Answer:
D. Daubert
Exam Question 179
You have been given the task to investigate web attacks on a Windows-based server. Which of the following commands will you use to look at the sessions the machine has opened with other systems?
A. Net sessions
B. Net config
C. Net share
D. Net use
Correct Answer:
D. Net use
Exam Question 180
Bob has encountered a system crash and has lost vital data stored on the hard drive of his Windows computer. He has no cloud storage or backup hard drives. he wants to recover all those data, which includes his personal photos, music, documents, videos, official email, etc. Which of the following tools shall resolve Bob’s purpose?
A. Colasoft’s Capsa
B. Recuva
C. Cain & Abel
D. Xplico
Correct Answer:
D. Xplico