Smith, an employee of a reputable forensic investigation firm, has been hired by a private organization to investigate a laptop that is suspected of being involved in the hacking of the organization's DC server. Smith wants to find all the values typed into the Run box in the Start menu. Which of the following registry keys will Smith check to find this information?
A. UserAssist Key
B. MountedDevices key
C. RunMRU key
D. TypedURLs key
Computer security logs contain information about the events occurring within an organization's systems and networks. Which of the following security logs contains logs of network and host-based security software?
A. Operating System (OS) logs
B. Application logs
C. Security software logs
D. Audit logs
What type of file is represented by a colon (:) with a name following it in the Master File Table (MFT) of an NTFS disk?
A. Compressed file
B. Data stream file
C. Encrypted file
D. Reserved file
John is working on his company's policies and guidelines. The section he is currently working on covers company documents: how they should be handled, stored, and eventually destroyed. John is concerned about the process whereby outdated documents are destroyed. What type of shredder should John write in the guidelines to be used when destroying documents?
A. Strip-cut shredder
B. Cross-cut shredder
C. Cross-hatch shredder
D. Cris-cross shredder
It takes _____________ mismanaged case/s to ruin your professional reputation as a computer forensics examiner.
A. by law, three
B. quite a few
C. only one
D. at least two
What do you call the process of studying the changes that have taken place across a system or a machine after a series of actions or incidents?
A. Windows Services Monitoring
B. System Baselining
C. Start-up Programs Monitoring
D. Host Integrity Monitoring
Which forensic investigation methodology believes that criminals commit crimes solely to benefit their criminal enterprises?
A. Scientific Working Group on Digital Evidence
B. Daubert Standard
C. Enterprise Theory of Investigation
D. Frye Standard
Gill is a computer forensics investigator who has been called upon to examine a seized computer. This computer, according to the police, was used by a hacker who gained access to numerous banking institutions to steal customer information. After preliminary investigations, Gill finds in the computer's log files that the hacker was able to gain access to these banks through the use of Trojan horses. The hacker then used these Trojan horses to obtain remote access to the companies' domain controllers. From this point, Gill found that the hacker pulled the SAM files off the domain controllers to then attempt to crack network passwords. What is the most likely password cracking technique used by this hacker to break the user passwords from the SAM files?
A. Syllable attack
B. Hybrid attack
C. Brute force attack
D. Dictionary attack
In steganalysis, which of the following describes a known-stego attack?
A. The hidden message and the corresponding stego-image are known
B. During the communication process, active attackers can change cover
C. Original and stego-object are available and the steganography algorithm is known
D. Only the steganography medium is available for analysis
A forensic examiner is examining a Windows system seized from a crime scene. During the examination of a suspect file, he discovered that the file is password protected. He tried guessing the password using the suspect's available information, but without any success. Which of the following tools can help the investigator solve this issue?
A. Cain and Abel
B. Xplico
C. Recuva
D. Colasoft's Capsa