Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

ECCouncil Updated 312-49v10 Exam Questions and Answers by ffion

Page: 11 / 26

ECCouncil 312-49v10 Exam Overview :

Exam Name: Computer Hacking Forensic Investigator (CHFI-v10)
Exam Code: 312-49v10 Dumps
Vendor: ECCouncil Certification: CHFI v10
Questions: 704 Q&A's Shared By: ffion
Question 44

A honey pot deployed with the IP was compromised by an attacker. Given below is an excerpt from a Snort binary capture of the attack. Decipher the activity carried out by the attacker by studying the log. Please note that you are required to infer only what is explicit in the excerpt.

(Note: The student is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dump.)

03/15-20:21:24.107053 ->

TCP TTL:43 TOS:0x0 ID:29726 IpLen:20 DgmLen:52 DF

***A**** Seq: 0x9B6338C5 Ack: 0x5820ADD0 Win: 0x7D78 TcpLen: 32

TCP Options (3) => NOP NOP TS: 23678634 2878772


03/15-20:21:24.452051 ->

UDP TTL:43 TOS:0x0 ID:29733 IpLen:20 DgmLen:84

Len: 64

01 0A 8A 0A 00 00 00 00 00 00 00 02 00 01 86 A0 ................

00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 00 ................

00 00 00 00 00 00 00 00 00 01 86 B8 00 00 00 01 ................

00 00 00 11 00 00 00 00 ........


03/15-20:21:24.730436 ->

UDP TTL:43 TOS:0x0 ID:29781 IpLen:20 DgmLen:1104

Len: 1084

47 F7 9F 63 00 00 00 00 00 00 00 02 00 01 86 B8



The attacker has conducted a network sweep on port 111


The attacker has scanned and exploited the system using Buffer Overflow


The attacker has used a Trojan on port 32773


The attacker has installed a backdoor

Question 45

You have completed a forensic investigation case. You would like to destroy the data contained in various disks at the forensics lab due to sensitivity of the case. How would you permanently erase the data on the hard disk?



Throw the hard disk into the fire


Run the powerful magnets over the hard disk


Format the hard disk multiple times using a low level disk utility


Overwrite the contents of the hard disk with Junk data

Question 46

When you carve an image, recovering the image depends on which of the following skills?



Recognizing the pattern of the header content


Recovering the image from a tape backup


Recognizing the pattern of a corrupt file


Recovering the image from the tape backup

Question 47

Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test.

The second utility executes five known exploits against his network in which the vulnerability analysis said were not exploitable. What kind of results did Jim receive from his vulnerability analysis?



False negatives


False positives


True negatives


True positives

I passed my exam. Cramkey Dumps provides detailed explanations for each question and answer, so you can understand the concepts better.
Alisha (not set)
I recently used their dumps for the certification exam I took and I have to say, I was really impressed.
Yayyy!!! I passed my exam with the help of Cramkey Dumps. Highly appreciated!!!!
Angus (not set)
YES….. I saw the same questions in the exam.
I highly recommend Cramkey Dumps to anyone preparing for the certification exam.
Mollie (not set)
Absolutely. They really make it easier to study and retain all the important information. I'm so glad I found Cramkey Dumps.
These Dumps are amazing! I used them to study for my recent exam and I passed with flying colors. The information in the dumps is so valid and up-to-date. Thanks a lot!!!
Zofia (not set)
That's great to hear! I've been struggling to find good study material for my exam. I will ty it for sure.
I passed, Thank you Cramkey for your precious Dumps.
Stella (not set)
That's great. I think I'll give Cramkey Dumps a try.
Page: 11 / 26


$35  $99.99

312-49v10 Testing Engine

$42  $119.99

312-49v10 PDF + Testing Engine

$56  $159.99