New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Legit 312-49v10 Exam Download

Page: 19 / 26
Question 76

Volatile Memory is one of the leading problems for forensics. Worms such as code Red are memory resident and do write themselves to the hard drive, if you turn the system off they disappear. In a lab environment, which of the following options would you suggest as the most appropriate to overcome the problem of capturing volatile memory?

Options:

A.

Use VMware to be able to capture the data in memory and examine it

B.

Give the Operating System a minimal amount of memory, forcing it to use a swap file

C.

Create a Separate partition of several hundred megabytes and place the swap file there

D.

Use intrusion forensic techniques to study memory resident infections

Question 77

Kimberly is studying to be an IT security analyst at a vocational school in her town. The school offers many different programming as well as networking languages. What networking protocol language should she learn that routers utilize?

Options:

A.

ATM

B.

UDP

C.

BPG

D.

OSPF

Question 78

You are working as an independent computer forensics investigator and received a call from a systems administrator for a local school system requesting your assistance. One of the students at the local high school is suspected of downloading inappropriate images from the Internet to a PC in the Computer lab. When you arrive at the school, the systems administrator hands you a hard drive and tells you that he made a “simple backup copy” of the hard drive in the PC and put it on this drive and requests that you examine that drive for evidence of the suspected images. You inform him that a “simple backup copy” will not provide deleted files or recover file fragments.

What type of copy do you need to make to ensure that the evidence found is complete and admissible in future proceeding?

Options:

A.

Bit-stream Copy

B.

Robust Copy

C.

Full backup Copy

D.

Incremental Backup Copy

Question 79

In General, __________________ Involves the investigation of data that can be retrieved from the hard disk or other disks of a computer by applying scientific methods to retrieve the data.

Options:

A.

Network Forensics

B.

Data Recovery

C.

Disaster Recovery

D.

Computer Forensics

Page: 19 / 26
Exam Code: 312-49v10
Exam Name: Computer Hacking Forensic Investigator (CHFI-v10)
Last Update: Dec 22, 2024
Questions: 704
312-49v10 pdf

312-49v10 PDF

$25.5  $84.99
312-49v10 Engine

312-49v10 Testing Engine

$28.5  $94.99
312-49v10 PDF + Engine

312-49v10 PDF + Testing Engine

$40.5  $134.99