
Ivanovich, a forensics investigator, is trying to extract complete information about running processes from a system. Where should he look apart from the RAM and virtual memory?

A. Swap space

B. Application data

C. Files and documents

D. Slack space

Using Internet logging software to investigate a case of malicious use of computers, the investigator comes across some entries that appear odd.

From the log, the investigator can see where the person in question went on the Internet. From the log, it appears that the user was manually typing in different user ID numbers. What technique was this user trying?

A. Parameter tampering

B. Cross site scripting

C. SQL injection

D. Cookie Poisoning

Which of the following standards represents a legal precedent set in 1993 by the Supreme Court of the United States regarding the admissibility of expert witnesses’ testimony during federal legal proceedings?

A. IOCE

B. SWGDE & SWGIT

C. Frye

D. Daubert

Heather, a computer forensics investigator, is assisting a group of investigators working on a large computer fraud case involving over 20 people. These 20 people, working in different offices, allegedly siphoned off money from many different client accounts. Heather's responsibility is to find out how the accused people communicated with each other. She has searched their email and their computers and has not found any useful evidence. Heather then finds some possibly useful evidence under the desk of one of the accused.

In an envelope she finds a piece of plastic with numerous holes cut out of it. Heather then finds the same exact piece of plastic with holes at many of the other accused people's desks. Heather believes that the 20 people involved in the case were using a cipher to send secret messages between each other. What type of cipher was used by the accused in this case?

A. Grill cipher

B. Null cipher

C. Text semagram

D. Visual semagram

Where is the default location for Apache access logs on a Linux computer?

A. usr/local/apache/logs/access_log

B. bin/local/home/apache/logs/access_log

C. usr/logs/access_log

D. logs/usr/apache/access_log

Which of the following stages in a Linux boot process involves initialization of the system’s hardware?

A. BIOS Stage

B. Bootloader Stage

C. BootROM Stage

D. Kernel Stage

Which of the following options will help users to enable or disable the last access time on a system running Windows 10 OS?

A. wmic service

B. Reg.exe

C. fsutil

D. Devcon

In Steganalysis, which of the following describes a Known-stego attack?

A. The hidden message and the corresponding stego-image are known

B. During the communication process, active attackers can change cover

C. Original and stego-object are available and the steganography algorithm is known

D. Only the steganography medium is available for analysis

Which of the following email headers specifies an address for mailer-generated errors, like "no such user" bounce messages, to go to (instead of the sender's address)?

A. Mime-Version header

B. Content-Type header

C. Content-Transfer-Encoding header

D. Errors-To header

Gill is a computer forensics investigator who has been called upon to examine a seized computer. This computer, according to the police, was used by a hacker who gained access to numerous banking institutions to steal customer information. After preliminary investigations, Gill finds in the computer’s log files that the hacker was able to gain access to these banks through the use of Trojan horses. The hacker then used these Trojan horses to obtain remote access to the companies’ domain controllers. From this point, Gill found that the hacker pulled the SAM files off the domain controllers to then attempt to crack network passwords. What is the most likely password cracking technique used by this hacker to break the user passwords from the SAM files?

A. Syllable attack

B. Hybrid attack

C. Brute force attack

D. Dictionary attack

An investigator has acquired packed software and needs to analyze it for the presence of malice. Which of the following tools can help in finding the packaging software used?

A. SysAnalyzer

B. PEiD

C. Comodo Programs Manager

D. Dependency Walker

In a Linux-based system, what does the command “last -F” display?

A. Login and logout times and dates of the system

B. Last run processes

C. Last functions performed

D. Recently opened files

Which of the following is non-zero data that an application allocates on a hard disk cluster in systems running Windows OS?

A. Sparse File

B. Master File Table

C. Meta Block Group

D. Slack Space

What is the role of Alloc.c in Apache core?

A. It handles allocation of resource pools

B. It is useful for reading and handling of the configuration files

C. It takes care of all the data exchange and socket connections between the client and the server

D. It handles server start-ups and timeouts

In Windows, prefetching is done to improve system performance. There are two types of prefetching: boot prefetching and application prefetching. During boot prefetching, what does the Cache Manager do?

A. Determines the data associated with value EnablePrefetcher

B. Monitors the first 10 seconds after the process is started

C. Checks whether the data is processed

D. Checks hard page faults and soft page faults