312-49V10 Online Practice Questions and Answers

A picture file is recovered from a computer under investigation. During the investigation process, the file is enlarged 500% to get a better view of its contents. The picture quality is not degraded at all from this process. What kind of picture is this file?its contents. The picture? quality is not degraded at all from this process. What kind of picture is this file?

A. Raster image

B. Vector image

C. Metafile image

D. Catalog image

Where are files temporarily written in Unix when printing?

A. /usr/spool

B. /var/print

C. /spool

D. /var/spool

Jason has set up a honeypot environment by creating a DMZ that has no physical or logical access to his production network. In this honeypot, he has placed a server running Windows Active Directory. He has also placed a Web server in the DMZ that services a number of web pages that offer visitors a chance to download sensitive information by clicking on a button. A week later, Jason finds in his network logs how an intruder accessed the honeypot and downloaded sensitive information. Jason uses the logs to try and prosecute the intruder for stealing sensitive corporate information. Why will this not be viable?

A. Enticement

B. Entrapment

C. Intruding into ahoneypot is not illegal

D. Intruding into a DMZ is not illegal

One way to identify the presence of hidden partitions on a suspect hard drive is to:One way to identify the presence of hidden partitions on a suspect? hard drive is to:

A. Add up the total size of all known partitions and compare it to the total size of the hard drive

B. Examine the FAT and identify hidden partitions by noting an ?in the artition Type?fieldExamine the FAT and identify hidden partitions by noting an ??in the ?artition Type?field

C. Examine the LILO and note an ?in the artition Type?fieldExamine the LILO and note an ??in the ? artition Type?field It is not possible to have hidden partitions on a hard drive

What is the target host IP in the following command? C:\> firewalk -F 80 10.10.150.1 172.16.28.95 -p UDP

A. 10.10.150.1

B. This command is using FIN packets, which cannot scan target hosts

C. Firewalk does not scan target hosts

D. 172.16.28.95

Which ISO Standard enables laboratories to demonstrate that they comply with quality assurance and provide valid results?

A. ISO/IEC 16025

B. ISO/IEC 18025

C. ISO/IEC 19025

D. ISO/IEC 17025

What does the bytes 0x0B-0x53 represent in the boot sector of NTFS volume on Windows 2000?

A. Jump instruction and the OEM ID

B. BIOS Parameter Block (BPB) and the OEM ID

C. BIOS Parameter Block (BPB) and the extended BPB

D. Bootstrap code and the end of the sector marker

What is the location of the binary files required for the functioning of the OS in a Linux system?

A. /run

B. /bin

C. /root

D. /sbin

What does the part of the log, “% SEC-6-IPACCESSLOGP”, extracted from a Cisco router represent?

A. The system was not able to process the packet because there was not enough room for all of the desired IP header options

B. Immediate action required messages

C. Some packet-matching logs were missed because the access list log messages were rate limited, or no access list log buffers were available

D. A packet matching the log criteria for the given access list has been detected (TCP or UDP)

BMP (Bitmap) is a standard file format for computers running the Windows operating system. BMP images can range from black and white (1 bit per pixel) up to 24 bit color (16.7 million colors). Each bitmap file contains a header, the RGBQUAD array, information header, and image data. Which of the following element specifies the dimensions, compression type, and color format for the bitmap?

A. Information header

B. Image data

C. The RGBQUAD array

D. Header