July/2022 Latest Braindump2go 312-49v10 Exam Dumps with PDF and VCE Free Updated Today! Following are some new 312-49v10 Real Exam Questions!
QUESTION 701
You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?
A. All three servers need to be placed internally
B. A web server and the database server facing the Internet, an application server on the internal network
C. A web server facing the Internet, an application server on the internal network, a database server on the internal network
D. All three servers need to face the Internet so that they can communicate between themselves
Answer: D
QUESTION 702
The NMAP command above performs which of the following?
> NMAP -sn 192.168.11.200-215
A. A trace sweep
B. A port scan
C. A ping scan
D. An operating system detect
Answer: C
QUESTION 703
You are a Penetration Tester and are assigned to scan a server. You need to use a scanning technique wherein the TCP Header is split into many packets so that it becomes difficult to detect what the packets are meant for. Which of the below scanning technique will you use?
A. Inverse TCP flag scanning
B. ACK flag scanning
C. TCP Scanning
D. IP Fragment Scanning
Answer: D
QUESTION 704
In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?
A. Both pharming and phishing attacks are purely technical and are not considered forms of social engineering
B. In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name
C. In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name
D. Both pharming and phishing attacks are identical
Answer: B
QUESTION 705
As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing . What document describes the specifics of the testing, the associated violations, and essentially protects both the organization’s interest and your liabilities as a tester?
A. Project Scope
B. Rules of Engagement
C. Non-Disclosure Agreement
D. Service Level Agreement
Answer: B
QUESTION 706
A company’s policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees don’t like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wireshark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?
A. tcp.port = 23
B. tcp.port == 21
C. tcp.port == 21 || tcp.port == 22
D. tcp.port != 21
Answer: B
QUESTION 707
To reach a bank web site, the traffic from workstations must pass through a firewall.
You have been asked to review the firewall configuration to ensure that workstations in network 10.10.10.0/24 can only reach the bank web site 10.20.20.1 using https.
Which of the following firewall rules meets this requirement?
A. if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit
B. if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 80 or 443) then permit
C. if (source matches 10.10.10.0 and destination matches 10.20.20.1 and port matches 443) then permit
Answer: A
QUESTION 708
companyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware.
A. Source code review
B. Reviewing the firewalls configuration
C. Data items and vulnerability scanning
D. Interviewing employees and network engineers
Answer: A
QUESTION 709
Jim’s company regularly performs backups of their critical servers. But the company can’t afford to send backup tapes to an off-site vendor for long term storage and archiving. Instead Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes aren’t stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?
A. Encrypt the backup tapes and use a courier to transport them.
B. Encrypt the backup tapes and transport them in a lock box
C. Degauss the backup tapes and transport them in a lock box.
D. Hash the backup tapes and transport them in a lock box.
Answer: B
QUESTION 710
As part of extracting the system data, Jenifer has used the netstat command. What does this tool reveal?
A. Status of users connected to the internet
B. Net status of computer usage
C. Information about network connections
D. Status of network hardware
Answer: C
QUESTION 711
Which of the following files contains the traces of the applications installed, run, or uninstalled from a system?
A. Virtual Files
B. Image Files
C. Shortcut Files
D. Prefetch Files
Answer: C
QUESTION 712
Amber, a black hat hacker, has embedded malware into a small enticing advertisement and posted it on a popular ad-network that displays across various websites. What is she doing?
A. Malvertising
B. Compromising a legitimate site
C. Click-jacking
D. Spearphishing
Answer: A
QUESTION 713
Buffer overflow vulnerabilities, of web applications, occurs when the application fails to guard its buffer properly and allows writing beyond its maximum size. Thus, it overwrites the _________. There are multiple forms of buffer overflow, including a Heap Buffer Overflow and a Format String Attack.
A. Adjacent buffer locations
B. Adjacent string locations
C. Adjacent bit blocks
D. Adjacent memory locations
Answer: D
QUESTION 714
Which of the following is NOT an anti-forensics technique?
A. Data Deduplication
B. Password Protection
C. Encryption
D. Steganography
Answer: A
QUESTION 715
Select the tool appropriate for finding the dynamically linked lists of an application or malware.
A. SysAnalyzer
B. ResourcesExtract
C. PEiD
D. Dependency Walker
Answer: D
QUESTION 716
Bob has encountered a system crash and has lost vital data stored on the hard drive of his Windows computer. He has no cloud storage or backup hard drives. He wants to recover all the data, which includes his personal photos, music, documents, videos, official emails, etc. Which of the following tools shall resolve Bob’s purpose?
A. Cain & Abel
B. Recuva
C. Xplico
D. Colasoft’s Capsa
Answer: B
QUESTION 717
In a computer that has Dropbox client installed, which of the following files related to the Dropbox client store information about local Dropbox installation and the Dropbox user account, along with email IDs linked with the account?
A. config.db
B. install.db
C. sigstore.db
D. filecache.db
Answer: A
QUESTION 718
Robert is a regional manager working in a reputed organization. One day, he suspected malware attack after unwanted programs started to popup after logging into his computer. The network administrator was called upon to trace out any intrusion on the computer and he/she finds that suspicious activity has taken place within Autostart locations. In this situation, which of the following tools is used by the network administrator to detect any intrusion on a system?
A. Hex Editor
B. Internet Evidence Finder
C. Process Monitor
D. Report Viewer
Answer: C
QUESTION 719
What do you call the process of studying the changes that have taken place across a system or a machine after a series of actions or incidents?
A. Windows Services Monitoring
B. System Baselining
C. Start-up Programs Monitoring
D. Host integrity Monitoring
Answer: D
QUESTION 720
Self-Monitoring, Analysis, and Reporting Technology (SMART) is built into the hard drives to monitor and report system activity. Which of the following is included in the report generated by SMART?
A. Power Off time
B. Logs of high temperatures the drive has reached
C. All the states (running and discontinued) associated with the OS
D. List of running processes
Answer: B
QUESTION 721
Data Files contain Multiple Data Pages, which are further divided into Page Header, Data Rows, and Offset Table. Which of the following is true for Data Rows?
A. Data Rows store the actual data
B. Data Rows present Page type. Page ID, and so on
C. Data Rows point to the location of actual data
D. Data Rows spreads data across multiple databases
Answer: B
QUESTION 722
In Windows, prefetching is done to improve system performance. There are two types of prefetching:
boot prefetching and application prefetching.
During boot prefetching, what does the Cache Manager do?
A. Determines the data associated with value EnablePrefetcher
B. Monitors the first 10 seconds after the process is started
C. Checks whether the data is processed
D. Checks hard page faults and soft page faults
Answer: C
QUESTION 723
The MAC attributes are timestamps that refer to a time at which the file was last modified or last accessed or originally created. Which of the following file systems store MAC attributes in Coordinated Universal Time (UTC) format?
A. File Allocation Table (FAT
B. New Technology File System (NTFS)
C. Hierarchical File System (HFS)
D. Global File System (GFS)
Answer: B
QUESTION 724
Robert, a cloud architect, received a huge bill from the cloud service provider, which usually doesn’t happen. After analyzing the bill, he found that the cloud resource consumption was very high. He then examined the cloud server and discovered that a malicious code was running on the server, which was generating huge but harmless traffic from the server. This means that the server has been compromised by an attacker with the sole intention to hurt the cloud customer financially. Which attack is described in the above scenario?
A. XSS Attack
B. DDoS Attack (Distributed Denial of Service)
C. Man-in-the-cloud Attack
D. EDoS Attack (Economic Denial of Service)
Answer: B
QUESTION 725
What is the role of Alloc.c in Apache core?
A. It handles allocation of resource pools
B. It is useful for reading and handling of the configuration files
C. It takes care of all the data exchange and socket connections between the client and the server
D. It handles server start-ups and timeouts
Answer: A
QUESTION 726
Which of the following statements is true regarding SMTP Server?
A. SMTP Server breaks the recipient’s address into Recipient’s name and his/her designation before passing it to the DNS Server
B. SMTP Server breaks the recipient’s address into Recipient’s name and recipient’s address before passing it to the DNS Server
C. SMTP Server breaks the recipient’s address into Recipient’s name and domain name before passing it to the DNS Server
D. SMTP Server breaks the recipient’s address into Recipient’s name and his/her initial before passing it to the DNS Server
Answer: C
QUESTION 727
Which ISO Standard enables laboratories to demonstrate that they comply with quality assurance and provide valid results?
A. ISO/IEC 16025
B. ISO/IEC 18025
C. ISO/IEC 19025
D. ISO/IEC 17025
Answer: D
QUESTION 728
Which type of attack is possible when attackers know some credible information about the victim’s password, such as the password length, algorithms involved, or the strings and characters used in its creation?
A. Rule-Based Attack
B. Brute-Forcing Attack
C. Dictionary Attack
D. Hybrid Password Guessing Attack
Answer: A
QUESTION 729
In which of these attacks will a steganalyst use a random message to generate a stego-object by using some steganography tool, to find the steganography algorithm used to hide the information?
A. Chosen-message attack
B. Known-cover attack
C. Known-message attack
D. Known-stego attack
Answer: A
QUESTION 730
Which of these Windows utility help you to repair logical file system errors?
A. Resource Monitor
B. Disk cleanup
C. Disk defragmenter
D. CHKDSK
Answer: D
QUESTION 731
Identify the term that refers to individuals who, by virtue of their knowledge and expertise, express an independent opinion on a matter related to a case based on the information that is provided.
A. Expert Witness
B. Evidence Examiner
C. Forensic Examiner
D. Defense Witness
Answer: A
QUESTION 732
Steve, a forensic investigator, was asked to investigate an email incident in his organization. The organization has Microsoft Exchange Server deployed for email communications. Which among the following files will Steve check to analyze message headers, message text, and standard attachments?
A. PUB.EDB
B. PRIV.EDB
C. PUB.STM
D. PRIV.STM
Answer: B
QUESTION 733
Which of the following information is displayed when Netstat is used with -ano switch?
A. Ethernet statistics
B. Contents of IP routing table
C. Details of routing table
D. Details of TCP and UDP connections
Answer: D
QUESTION 734
While collecting Active Transaction Logs using SQL Server Management Studio, the query Select * from ::fn_dblog(NULL, NULL) displays the active portion of the transaction log file. Here, assigning NULL values implies?
A. Start and end points for log sequence numbers are specified
B. Start and end points for log files are not specified
C. Start and end points for log files are specified
D. Start and end points for log sequence numbers are not specified
Answer: B
QUESTION 735
Which of the following statements is TRUE with respect to the Registry settings in the user start-up folder HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\.
A. All the values in this subkey run when specific user logs on, as this setting is user-specific
B. The string specified in the value run executes when user logs on
C. All the values in this key are executed at system start-up
D. All values in this subkey run when specific user logs on and then the values are deleted
Answer: D
QUESTION 736
Which cloud model allows an investigator to acquire the instance of a virtual machine and initiate the forensics examination process?
A. PaaS model
B. IaaS model
C. SaaS model
D. SecaaS model
Answer: B
QUESTION 737
An attacker successfully gained access to a remote Windows system and plans to install persistent backdoors on it. Before that, to avoid getting detected in future, he wants to cover his tracks by disabling the last-accessed timestamps of the machine. What would he do to achieve this?
A. Set the registry value of HKLM\SYSTEM\CurrentControlSet\Control\FileSystem\NtfsDisableLastAccessUpdate to 0
B. Run the command fsutil behavior set disablelastaccess 0
C. Set the registry value of HKLM\SYSTEM\CurrentControlSet\Control\FileSystem\NtfsDisableLastAccessUpdate to 1
D. Run the command fsutil behavior set enablelastaccess 0
Answer: C
QUESTION 738
Which of the following web browser uses the Extensible Storage Engine (ESE) database format to store browsing records, including history, cache, and cookies?
A. Safari
B. Mozilla Firefox
C. Microsoft Edge
D. Google Chrome
Answer: C
QUESTION 739
Which U.S. law sets the rules for sending emails for commercial purposes, establishes the minimum requirements for commercial messaging, gives the recipients of emails the right to ask the senders to stop emailing them, and spells out the penalties in case the above said rules are violated?
A. NO-SPAM Act
B. American: NAVSO P-5239-26 (RLL)
C. CAN-SPAM Act
D. American: DoD 5220.22-M
Answer: C
QUESTION 740
Which of the following statements is TRUE about SQL Server error logs?
A. SQL Server error logs record all the events occurred on the SQL Server and its databases
B. Forensic investigator uses SQL Server Profiler to view error log files
C. Error logs contain IP address of SQL Server client connections
D. Trace files record, user-defined events, and specific system events
Answer: B
QUESTION 741
Which among the following tools can help a forensic investigator to access the registry files during postmortem analysis?
A. RegistryChangesView
B. RegDIIView
C. RegRipper
D. ProDiscover
Answer: C
QUESTION 742
Consider that you are investigating a machine running an Windows OS released prior to Windows VistA. You are trying to gather information about the deleted files by examining the master database file named INFO2 located at C:\Recycler\<USER SID>\. You read an entry named “Dd5.exe”. What does Dd5.exe mean?
A. D drive. fifth file deleted, a .exe file
B. D drive, fourth file restored, a .exe file
C. D drive, fourth file deleted, a .exe file
D. D drive, sixth file deleted, a .exe file
Answer: B
QUESTION 743
Which Linux command when executed displays kernel ring buffers or information about device drivers loaded into the kernel?
A. pgrep
B. dmesg
C. fsck
D. grep
Answer: B
QUESTION 744
A section of your forensics lab houses several electrical and electronic equipment. Which type of fire extinguisher you must install in this area to contain any fire incident?
A. Class B
B. Class D
C. Class C
D. Class A
Answer: C
QUESTION 745
Checkpoint Firewall logs can be viewed through a Check Point Log viewer that uses icons and colors in the log table to represent different security events and their severity.
What does the icon in the checkpoint logs represent?
A. The firewall rejected a connection
B. A virus was detected in an email
C. The firewall dropped a connection
D. An email was marked as potential spam
Answer: C
QUESTION 746
In which cloud crime do attackers try to compromise the security of the cloud environment in order to steal data or inject a malware?
A. Cloud as an Object
B. Cloud as a Tool
C. Cloud as an Application
D. Cloud as a Subject
Answer: D
QUESTION 747
POP3 is an Internet protocol, which is used to retrieve emails from a mail server. Through which port does an email client connect with a POP3 server?
A. 110
B. 143
C. 25
D. 993
Answer: A
QUESTION 748
James, a hacker, identifies a vulnerability in a website. To exploit the vulnerability, he visits the login page and notes down the session ID that is created. He appends this session ID to the login URL and shares the link with a victim. Once the victim logs into the website using the shared URL, James reloads the webpage (containing the URL with the session ID appended) and now, he can browse the active session of the victim. Which attack did James successfully execute?
A. Cross Site Request Forgery
B. Cookie Tampering
C. Parameter Tampering
D. Session Fixation Attack
Answer: D
QUESTION 749
Which of the following components within the android architecture stack take care of displaying windows owned by different applications?
A. Media Framework
B. Surface Manager
C. Resource Manager
D. Application Framework
Answer: D
QUESTION 750
Which among the following web application threats is resulted when developers expose various internal implementation objects, such as files, directories, database records, or key-through references?
A. Remote File Inclusion
B. Cross Site Scripting
C. Insecure Direct Object References
D. Cross Site Request Forgery
Answer: C
QUESTION 751
What does Locard’s Exchange Principle state?
A. Any information of probative value that is either stored or transmitted in a digital form
B. Digital evidence must have some characteristics to be disclosed in the court of law
C. Anyone or anything, entering a crime scene takes something of the scene with them, and leaves something of themselves behind when they leave
D. Forensic investigators face many challenges during forensics investigation of a digital crime, such as extracting, preserving, and analyzing the digital evidence
Answer: C
QUESTION 752
Smith is an IT technician that has been appointed to his company’s network vulnerability assessment team. He is the only IT employee on the team. The other team members include employees from Accounting, Management, Shipping, and Marketing. Smith and the team members are having their first meeting to discuss how they will proceed. What is the first step they should do to create the network vulnerability assessment plan?
A. Their first step is to make a hypothesis of what their final findings will be.
B. Their first step is to create an initial Executive report to show the management team.
C. Their first step is to analyze the data they have currently gathered from the company or interviews.
D. Their first step is the acquisition of required documents, reviewing of security policies and compliance.
Answer: D
Resources From:
1.2022 Latest Braindump2go 312-49v10 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/312-49v10.html
2.2022 Latest Braindump2go 312-49v10 PDF and 312-49v10 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1r0yGepG-AIO5ksrNsA_-GhqjWWFE7IQ4?usp=sharing
3.2021 Free Braindump2go 312-49v10 Exam Questions Download:
https://www.braindump2go.com/free-online-pdf/312-49v10-PDF-Dumps(701-752).pdf
Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!