312-49 무료 덤프문제 온라인 액세스

Jack Smith is a forensics investigator who works for Mason Computer Investigation
Services. He is investigating a computer that was infected by Ramen Virus.

He runs the netstat command on the machine to see its current connections. In the following screenshot, what do the 0.0.0.0 IP addresses signify?

• A.Those connections are in closed/waiting modeThose connections are in closed/waiting modeThose connections are in closed/waiting mode
• B.Those connections are in listening modeThose connections are in listening modeThose connections are in listening mode
• C.Those connections are established Those connections are established Those connections are established
• D.Those connections are in timed out/waiting mode Those connections are in timed out/waiting mode Those connections are in timed out/waiting mode

You have been asked to investigate the possibility of computer fraud in the finance department of a company. It is suspected that a staff member has been committing finance fraud by printing cheques that have not been authorized. You have exhaustively searched all data files on a bitmap image of the target computer, but have found no evidence. You suspect the files may not have been saved. What should you examine next in this case?

• A.The swapfile
• B.The recycle bin
• C.The metadata
• D.The registry

George was recently fired from his job as an IT analyst at Pitts and Company in Dallas
Texas. His main duties as an analyst were to support the company Active Directory structure and to create network polices. George now wants to break into the company network by cracking some ofcompany? Active Directory structure and to create network polices. George now wants to break into the company? network by cracking some of the service accounts he knows about. Which password cracking technique should George use in this situation?

• A.Rule-based attack
• B.Syllable attack
• C.Dictionary attack
• D.Brute force attack

Harold is a computer forensics investigator working for a consulting firm out of Atlanta
Georgia. Harold is called upon to help with a corporate espionage case in Miami Florida.
Harold assists in the investigation by pulling all the data from the computers allegedly used in the illegal activities. He finds that two suspects in the company where stealing sensitive corporate information and selling it to competing companies. From the email and instant messenger logs recovered, Harold has discovered that the two employees notified the buyers by writing symbols on the back of specific stop signs. This way, the buyers knew when and where to meet with the alleged suspects to buy the stolen material. What type of steganography did these two suspects use?

• A.Grill cipher
• B.Text semagram
• C.Visual semagram
• D.Visual cipher

You are assisting in the investigation of a possible Web Server hack. The company who called you stated that customers reported to them that whenever they entered the web address of the company in their browser, what they received was a pornographic web site.
The company checked the web server and nothing appears wrong. When you type in the
IP address of the web site in your browser everything appears normal. What is the name of the attack that affects the DNS cache of the name resolution servers, resulting in those servers directing users to the wrong web site?

• A.IP Spoofing
• B.DNS Poisoning
• C.HTTP redirect attack
• D.ARP Poisoning