New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

PDF 412-79 Study Guide

Page: 2 / 8
Question 8

Bob has been trying to penetrate a remote production system for the past tow weeks. This time however, he is able to get into the system. He was able to use the System for a period of three weeks. However law enforcement agencies were recoding his every activity and this was later presented as evidence. The organization had used a Virtual Environment to trap BoB. What is a Virtual Environment?

Options:

A.

A Honeypot that traps hackers

B.

A system Using Trojaned commands

C.

An environment set up after the user logs in

D.

An environment set up before an user logs in

Question 9

When cataloging digital evidence, the primary goal is to:

Options:

A.

Make bit-stream images of all hard drives

B.

Preserve evidence integrity

C.

Not remove the evidence from the scene

D.

Not allow the computer to be turned off

Question 10

With Regard to using an Antivirus scanner during a computer forensics investigation, You should:

Options:

A.

Scan the suspect hard drive before beginning an investigation

B.

Never run a scan on your forensics workstation because it could change your systems configuration

C.

Scan your forensics workstation at intervals of no more than once every five minutes during an investigation

D.

Scan your Forensics workstation before beginning an investigation

Question 11

You are assisting in the investigation of a possible Web Server Hack. The company who called you stated that customers reported to them that whenever they entered the web address of the company in their browser, what they received was a porno graphic web site. The company checked the web server and nothing appears wrong. When you type in the IP address of the web site in your browser everything appears normal. What is the name of the attack that affects the DNS cache of the name resolution servers, resulting in those servers directing users to the wrong web site?

Options:

A.

ARP Poisoning

B.

DNS Poisoning

C.

HTTP redirect attack

D.

IP Spoofing

Page: 2 / 8
Exam Code: 412-79
Exam Name: EC-Council Certified Security Analyst (ECSA)
Last Update: Dec 22, 2024
Questions: 203
412-79 pdf

412-79 PDF

$25.5  $84.99
412-79 Engine

412-79 Testing Engine

$28.5  $94.99
412-79 PDF + Engine

412-79 PDF + Testing Engine

$40.5  $134.99