Bob, a forensic investigator, is investigating a live Windows system found at a crime scene. In this process, Bob extracted subkeys containing information such as SAM, Security, and Software using an automated tool called FTK Imager.
Which of the following Windows Registry hives' subkeys provide the above information to Bob?
A. HKEY_LOCAL_MACHINE
B. HKEY_CURRENT_USER
C. HKEY_CLASSES_ROOT
D. HKEY_CURRENT_CONFIG
Correct answer: A
Question 2:
Peter, an attacker aiming to disrupt organizational services, targeted a configuration protocol that issues IP addresses to host systems. To disrupt the issuance of IP addresses, Peter flooded the target server with spoofed MAC addresses so that valid users cannot receive IP addresses to access the network.
Identify the type of attack Peter has performed in the above scenario.
A. ARP spoofing
B. Ping-of-death attack
C. DHCP starvation attack
D. Session hijacking
Correct answer: C
Question 3:
Cheryl, a forensic expert, was recruited to investigate a malicious activity performed by an anonymous hackers' group on an organization's systems. Using an automated tool, Cheryl was able to extract the malware file and analyze the assembly code instructions, which helped him understand the malware's purpose.
Which of the following tools helped Cheryl extract and analyze the assembly code of the malware?
A. OllyDbg
B. VirtualBox
C. VMware vSphere
D. QualNet
Correct answer: A
Question 4:
Bob, a forensic investigator, was instructed to review a Windows machine and identify any anonymous activities performed using it. In this process, Bob used the command "netstat -ano" to view all the active connections in the system and determined that the connections established by the Tor browser were closed.
Which of the following states of the connections established by Tor indicates that the Tor browser is closed?
A. LISTENING
B. TIME_WAIT
C. CLOSE_WAIT
D. ESTABLISHED
Correct answer: B
Question 5:
Mary was surfing the Internet, and she wanted to hide her details and the content she was surfing over the web.
She employed a proxy tool that makes his online activity untraceable.
Identify the type of proxy employed by John in the above scenario.
A. Reverse proxy
B. SOCKS proxy
C. Explicit proxy
D. Anonymous proxy
Correct answer: D
Question 6:
Clark, a digital forensic expert, was assigned to investigate a malicious activity performed on an organization's network. The organization provided Clark with all the information related to the incident. In this process, he assessed the impact of the incident on the organization, reasons for and source of the incident, steps required to tackle the incident, investigating team required to handle the case, investigative procedures, and possible outcome of the forensic process.
Identify the type of analysis performed by Clark in the above scenario.
A. Log analysis
B. Traffic analysis
C. Data analysis
D. Case analysis
Correct answer: D
Question 7:
Mark, a network administrator in an organization, was assigned the task of preventing data from falling into the wrong hands. In this process, Mark implemented authentication techniques and performed full memory encryption for the data stored on RAM.
In which of the following states has Steve encrypted the data in the above scenario?
A. Data in rest
B. Data in transit
C. Data in use
D. Data inactive
Correct answer: C
Question 8:
Bob, a network administrator in a company, manages network connectivity to 200 employees in six different rooms. Every employee has their own laptop to connect to the Internet through a wireless network, but the company has only one broadband connection.
Which of the following types of wireless networks allows Bob to provide Internet access to every laptop and bring all the devices to a single network?
A. Extension to wired network
B. LAN to LAN wireless network
C. Multiple wireless access points
D. 3G/4G hotspot
Correct answer: C
Question 9:
Peter, a network defender, was instructed to protect the corporate network from unauthorized access. To achieve this, he employed a security solution for wireless communication that uses dragonfly key exchange for authentication, which is the strongest encryption algorithm that protects the network from dictionary and key recovery attacks.
Identify the wireless encryption technology implemented in the security solution selected by Peter in the above scenario.
A. EAP
B. WEP
C. WPA3
D. WPA
Correct answer: C
かと** -
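I started studying because I began using this at work.
Even for someone like me, with a roughly average academic standing, the content is easy to understand, which is a big help! I'm not taking the exam, so it might be good for studying ECSS.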