New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Full Access ECCouncil 312-49v10 Tutorials

Page: 26 / 26
Question 104

Maria has executed a suspicious executable file In a controlled environment and wants to see if the file adds/modifies any registry value after execution via Windows Event Viewer. Which of the following event ID should she look for In this scenario?

Options:

A.

Event ID 4657

B.

Event ID 4624

C.

Event ID 4688

D.

Event ID 7040

Question 105

Harry has collected a suspicious executable file from an infected system and seeks to reverse its machine code to Instructions written in assembly language. Which tool should he use for this purpose?

Options:

A.

Ollydbg

B.

oledump

C.

HashCalc

D.

BinText

Page: 26 / 26
Exam Code: 312-49v10
Exam Name: Computer Hacking Forensic Investigator (CHFI-v10)
Last Update: Dec 22, 2024
Questions: 704
312-49v10 pdf

312-49v10 PDF

$25.5  $84.99
312-49v10 Engine

312-49v10 Testing Engine

$28.5  $94.99
312-49v10 PDF + Engine

312-49v10 PDF + Testing Engine

$40.5  $134.99