ECcouncil CHFI 312-49v10
Q: 1
What is the default IIS log location?
Options
Q: 2
Charles has accidentally deleted an important file while working on his Mac computer. He wants to
recover the deleted file as it contains some of his crucial business secrets. Which of the following tool
will help Charles?
Options
Q: 3
Which file is a sequence of bytes organized into blocks understandable by the system’s linker?
Options
Q: 4
In both pharming and phishing attacks an attacker can create websites that look similar to legitimate
sites with the intent of collecting personal identifiable information from its victims. What is the
difference between pharming and phishing attacks?
Options
Q: 5
Jacky encrypts her documents using a password. It is known that she uses her daughter’s year of
birth as part of the password. Which password cracking technique would be optimal to crack her
password?
Options
Q: 6
Shane has started the static analysis of a malware and is using the tool ResourcesExtract to find more
details of the malicious program. What part of the analysis is he performing?
Options
Q: 7
Jason discovered a file named $RIYG6VR.doc in the C:\$Recycle.Bin\\ while analyzing a
hard disk image for the deleted dat
a. What inferences can he make from the file name?
Options
Q: 8
A forensic examiner is examining a Windows system seized from a crime scene. During the
examination of a suspect file, he discovered that the file is password protected. He tried guessing the
password using the suspect’s available information but without any success. Which of the following
tool can help the investigator to solve this issue?
Options
Q: 9
Which of the following attacks allows an attacker to access restricted directories, including
application source code, configuration and critical system files, and to execute commands outside of
the web server’s root directory?
Options
Q: 10
Report writing is a crucial stage in the outcome of an investigation. Which information should not be
included in the report section?
Options
Question 1 of 10
