New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Newly Released ECCouncil 412-79 Exam PDF

Page: 4 / 8
Question 16

This organization maintains a database of hash signatures for known software:

Options:

A.

International Standards Organization

B.

Institute of Electrical and Electronics Engineers

C.

National Software Reference Library

D.

American National standards Institute

Question 17

Volatile Memory is one of the leading problems for forensics. Worms such as code Red are memory resident and do write themselves to the hard drive, if you turn the system off they disappear. In a lab environment, which of the following options would you suggest as the most appropriate to overcome the problem of capturing volatile memory?

Options:

A.

Use Vmware to be able to capture the data in memory and examine it

B.

Give the Operating System a minimal amount of memory, forcing it to use a swap file

C.

Create a Separate partition of several hundred megabytes and place the swap file there

D.

Use intrusion forensic techniques to study memory resident infections

Question 18

During the course of a corporate investigation, you find that an Employee is committing a crime. Can the Employer file a criminal complain with Police?

Options:

A.

Yes, and all evidence can be turned over to the police

B.

Yes, but only if you turn the evidence over to a federal law enforcement agency

C.

No, because the investigation was conducted without following standard police procedures

D.

No, because the investigation was conducted without warrant

Question 19

Printing under a Windows Computer normally requires which one of the following files types to be created?

Options:

A.

EME

B.

MEM

C.

EMF

D.

CME

Page: 4 / 8
Exam Code: 412-79
Exam Name: EC-Council Certified Security Analyst (ECSA)
Last Update: Dec 22, 2024
Questions: 203
412-79 pdf

412-79 PDF

$25.5  $84.99
412-79 Engine

412-79 Testing Engine

$28.5  $94.99
412-79 PDF + Engine

412-79 PDF + Testing Engine

$40.5  $134.99