FreeCram
  1. Home
  2. EC-COUNCIL
  3. Computer Hacking Forensic Investigator (CHFI-v10)
  4. EC-COUNCIL.312-49v10.v2022-03-08.q112
  5. Question 76

Valid 312-49v10 Dumps shared by ExamDiscuss.com for Helping Passing 312-49v10 Exam! ExamDiscuss.com now offer the newest 312-49v10 exam dumps, the ExamDiscuss.com 312-49v10 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 312-49v10 dumps with Test Engine here:

Access 312-49v10 Dumps Premium Version
(706 Q&As Dumps, 35%OFF Special Discount Code: freecram)

<< Prev Question Next Question >>

Question 76/112

Gill is a computer forensics investigator who has been called upon to examine a seized computer. This computer, according to the police, was used by a hacker who gained access to numerous banking institutions to steal customer information. After preliminary investigations, Gill finds in the computer's log files that the hacker was able to gain access to these banks through the use of Trojan horses. The hacker then used these Trojan horses to obtain remote access to the companies' domain controllers. From this point, Gill found that the hacker pulled off the SAM files from the domain controllers to then attempt and crack network passwords. What is the most likely password cracking technique used by this hacker to break the user passwords from the SAM files?

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (112q)
Question 1: Smith, a forensic examiner, was analyzing a hard disk image ...
Question 2: To which phase of the Computer Forensics Investigation Proce...
Question 3: In conducting a computer abuse investigation you become awar...
Question 4: Study the log given below and answer the following question:...
Question 5: Kyle is performing the final testing of an application he de...
Question 6: Which of the following refers to the data that might still e...
Question 7: What will the following command accomplish? dd if=/dev/xxx o...
Question 8: Checkpoint Firewall logs can be viewed through a Check Point...
Question 9: Which one of the following is not a first response procedure...
Question 10: During the course of a corporate investigation, you find tha...
Question 11: While looking through the IIS log file of a web server, you ...
Question 12: Under which Federal Statutes does FBI investigate for comput...
Question 13: If you discover a criminal act while investigating a corpora...
Question 14: An International Mobile Equipment Identifier (IMEI) is a 15-...
Question 15: While searching through a computer under investigation, you ...
Question 16: Office Documents (Word, Excel and PowerPoint) contain a code...
Question 17: When investigating a network that uses DHCP to assign IP add...
Question 18: You are assisting a Department of Defense contract company t...
Question 19: The MAC attributes are timestamps that refer to a time at wh...
Question 20: In which cloud crime do attackers try to compromise the secu...
Question 21: Jim's company regularly performs backups of their critical s...
Question 22: What technique used by Encase makes it virtually impossible ...
Question 23: Davidson Trucking is a small transportation company that has...
Question 24: Consider that you are investigating a machine running an Win...
Question 25: What header field in the TCP/IP protocol stack involves the ...
Question 26: Which of the following tools will help the investigator to a...
Question 27: While working for a prosecutor, what do you think you should...
Question 28: You are trying to locate Microsoft Outlook Web Access Defaul...
Question 29: Which of the following attack uses HTML tags like &lt;script...
Question 30: When investigating a computer forensics case where Microsoft...
Question 31: You have been asked to investigate after a user has reported...
Question 32: Event correlation is the process of finding relevance betwee...
Question 33: In both pharming and phishing attacks an attacker can create...
Question 34: What is one method of bypassing a system BIOS password?...
Question 35: In which of these attacks will a steganalyst use a random me...
Question 36: You work as an IT security auditor hired by a law firm in Bo...
Question 37: Harold is finishing up a report on a case of network intrusi...
Question 38: Casey has acquired data from a hard disk in an open source a...
Question 39: What is an investigator looking for in the rp.log file store...
Question 40: When investigating a potential e-mail crime, what is your fi...
Question 41: What is considered a grant of a property right given to an i...
Question 42: Which program is the bootloader when Windows XP starts up?...
Question 43: Identify the file system that uses $BitMap file to keep trac...
Question 44: When reviewing web logs, you see an entry for resource not f...
Question 45: Which of the following statements is TRUE about SQL Server e...
Question 46: Jason discovered a file named $RIYG6VR.doc in the C:\$Recycl...
Question 47: Which of the following is a part of a Solid-State Drive (SSD...
Question 48: After attending a CEH security seminar, you make a list of c...
Question 49: Meyer Electronics Systems just recently had a number of lapt...
Question 50: One technique for hiding information is to change the file e...
Question 51: Randy has extracted data from an old version of a Windows-ba...
Question 52: Harold is a computer forensics investigator working for a co...
Question 53: Jason has set up a honeypot environment by creating a DMZ th...
Question 54: Self-Monitoring, Analysis, and Reporting Technology (SMART) ...
Question 55: You are running known exploits against your network to test ...
Question 56: Before performing a logical or physical search of a drive in...
Question 57: What type of attack sends SYN requests to a target system wi...
Question 58: What is the target host IP in the following command?...
Question 59: A suspect is accused of violating the acceptable use of comp...
Question 60: Steve, a forensic investigator, was asked to investigate an ...
Question 61: What method of computer forensics will allow you to trace al...
Question 62: What is the location of the binary files required for the fu...
Question 63: Which component in the hard disk moves over the platter to r...
Question 64: When setting up a wireless network with multiple access poin...
Question 65: Andie, a network administrator, suspects unusual network ser...
Question 66: To check for POP3 traffic using Ethereal, what port should a...
Question 67: In a FAT32 system, a 123 KB file will use how many sectors?...
Question 68: You are working as an independent computer forensics investi...
Question 69: Hard disk data addressing is a method of allotting addresses...
Question 70: Which of the following is an iOS Jailbreaking tool?...
Question 71: Given the drive dimensions as follows and assuming a sector ...
Question 72: Which of the following standard represents a legal precedent...
Question 73: Adam, a forensic investigator, is investigating an attack on...
Question 74: In which registry does the system store the Microsoft securi...
Question 75: Billy, a computer forensics expert, has recovered a large nu...
Question 76: Gill is a computer forensics investigator who has been calle...
Question 77: Which of the following web browser uses the Extensible Stora...
Question 78: Which of the following is NOT a part of pre-investigation ph...
Question 79: In a computer forensics investigation, what describes the ro...
Question 80: Which of the following statements is TRUE with respect to th...
Question 81: The Apache server saves diagnostic information and error mes...
Question 82: What type of file is represented by a colon (:) with a name ...
Question 83: Which of the following Event Correlation Approach is an adva...
Question 84: What is the role of Alloc.c in Apache core?...
Question 85: What type of attack sends spoofed UDP packets (instead of pi...
Question 86: Which of the following processes is part of the dynamic malw...
Question 87: Watson, a forensic investigator, is examining a copy of an I...
Question 88: What must be obtained before an investigation is carried out...
Question 89: Which ISO Standard enables laboratories to demonstrate that ...
Question 90: What is the smallest physical storage unit on a hard drive?...
Question 91: What is the size value of a nibble?...
Question 92: As a CHFI professional, which of the following is the most i...
Question 93: What advantage does the tool Evidor have over the built-in W...
Question 94: Preparing an image drive to copy files to is the first step ...
Question 95: Which of the following files stores information about a loca...
Question 96: When investigating a Windows System, it is important to view...
Question 97: Select the data that a virtual memory would store in a Windo...
Question 98: Shane has started the static analysis of a malware and is us...
Question 99: Which legal document allows law enforcement to search an off...
Question 100: When an investigator contacts by telephone the domain admini...
Question 101: Lance wants to place a honeypot on his network. Which of the...
Question 102: Jack Smith is a forensics investigator who works for Mason C...
Question 103: What layer of the OSI model do TCP and UDP utilize?...
Question 104: This is original file structure database that Microsoft orig...
Question 105: You are working in the security Department of law firm. One ...
Question 106: Annie is searching for certain deleted files on a system run...
Question 107: Which among the following U.S. laws requires financial insti...
Question 108: Graphics Interchange Format (GIF) is a ____ RGB bitmap image...
Question 109: If you plan to startup a suspect's computer, you must modify...
Question 110: What must an attorney do first before you are called to test...
Question 111: Harold is a security analyst who has just run the rdisk /s c...
Question 112: When a user deletes a file, the system creates a $I file to ...