Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. ECCouncil
  3. CHFIv9
  4. 312-49v9
  5. Computer Hacking Forensic Investigator (v9) Questions and Answers

Pass the ECCouncil CHFIv9 312-49v9 Questions and answers with ValidTests

Exam 312-49v9 All Questions
Exam 312-49v9 Premium Access

View all detail and faqs for the 312-49v9 exam

Go to Exam
Viewing page 11 out of 14 pages
Viewing questions 101-110 out of questions
Questions # 101:

What header field in the TCP/IP protocol stack involves the hacker exploit known as the Ping of Death?

Options:

A.

ICMP header field

B.

TCP header field

C.

IP header field

D.

UDP header field

Expert Solution
Questions # 102:

When setting up a wireless network with multiple access points, why is it important to set each access point on a different channel?

Options:

A.

Multiple access points can be set up on the same channel without any issues

B.

Avoid over-saturation of wireless signals

C.

So that the access points will work on different frequencies

D.

Avoid cross talk

Expert Solution
Questions # 103:

You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?

Options:

A.

Polymorphic

B.

Metamorphic

C.

Oligomorhic

D.

Transmorphic

Expert Solution
Questions # 104:

You have used a newly released forensic investigation tool, which doesn't meet the Daubert Test, during a case. The case has ended-up in court. What argument could the defense make to weaken your case?

Options:

A.

The tool hasn't been tested by the International Standards Organization (ISO)

B.

Only the local law enforcement should use the tool

C.

The total has not been reviewed and accepted by your peers

D.

You are not certified for using the tool

Expert Solution
Questions # 105:

When reviewing web logs, you see an entry for resource not found in the HTTP status code filed.

What is the actual error code that you would see in the log for resource not found?

Options:

A.

202

B.

404

C.

505

D.

909

Expert Solution
Questions # 106:

George is a senior security analyst working for a state agency in Florida. His state's congress just passed a bill mandating every state agency to undergo a security audit annually. After learning what will be required, George needs to implement an IDS as soon as possible before the first audit occurs. The state bill requires that an IDS with a "time-based induction machine" be used.

What IDS feature must George implement to meet this requirement?

Options:

A.

Signature-based anomaly detection

B.

Pattern matching

C.

Real-time anomaly detection

D.

Statistical-based anomaly detection

Expert Solution
Questions # 107:

Lance wants to place a honeypot on his network. Which of the following would be your recommendations?

Options:

A.

Use a system that has a dynamic addressing on the network

B.

Use a system that is not directly interacting with the router

C.

Use it on a system in an external DMZ in front of the firewall

D.

It doesn't matter as all replies are faked

Expert Solution
Questions # 108:

What will the following command produce on a website login page? SELECT email, passwd, login_id, full_name FROM members WHERE email = 'someone@somehwere.com'; DROP TABLE members; --'

Options:

A.

Deletes the entire members table

B.

Inserts the Error! Reference source not found.email address into the members table

C.

Retrieves the password for the first user in the members table

D.

This command will not produce anything since the syntax is incorrect

Expert Solution
Questions # 109:

Profiling is a forensics technique for analyzing evidence with the goal of identifying the perpetrator from their various activity. After a computer has been compromised by a hacker, which of the following would be most important in forming a profile of the incident?

Options:

A.

The manufacturer of the system compromised

B.

The logic, formatting and elegance of the code used in the attack

C.

The nature of the attack

D.

The vulnerability exploited in the incident

Expert Solution
Questions # 110:

Kyle is performing the final testing of an application he developed for the accounting department.

His last round of testing is to ensure that the program is as secure as possible. Kyle runs the following command. What is he testing at this point?

#include #include int main(int argc, char

*argv[]) { char buffer[10]; if (argc < 2) { fprintf (stderr, "USAGE: %s string\n", argv[0]); return 1; }

strcpy(buffer, argv[1]); return 0; }

Options:

A.

Buffer overflow

B.

SQL injection

C.

Format string bug

D.

Kernal injection

Expert Solution
Viewing page 11 out of 14 pages
Viewing questions 101-110 out of questions