Free EC0-479 Questions Attempt

Page: 7 / 8

Question 28

Jessica works as systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Jessica going to perform?

Options:

Smurf scan

Tracert

Ping trace

ICMP ping sweep

Question 29

You have been asked to investigate after a user has reported a threatening e-mail they have received from an external source. Which of the following are you most interested in when trying to trace the source of the message?

Options:

The X509 Address

The SMTP reply Address

The E-mail Header

The Host Domain Name

Question 30

Volatile Memory is one of the leading problems for forensics. Worms such as code Red are memory resident and do write themselves to the hard drive, if you turn the system off they disappear. In a lab environment, which of the following options would you suggest as the most appropriate to overcome the problem of capturing volatile memory?

Options:

Use Vmware to be able to capture the data in memory and examine it

Give the Operating System a minimal amount of memory, forcing it to use a swap file

Create a Separate partition of several hundred megabytes and place the swap file there

Use intrusion forensic techniques to study memory resident infections

Question 31

During the course of a corporate investigation, you find that an Employee is committing a crime. Can the Employer file a criminal complain with Police?