What type of file is represented by a colon (:) with a name following it in the Master File Table of an NTFS disk?
A. A reserved file
B. A Data stream file
C. A compressed file
D. An encrypted file
Correct answer: B
Question 2:
John is working as a computer forensics investigator for a consulting firm in Canada. He is called to seize a computer at a local web café purportedly used as a botnet server. John thoroughly scans the computer and finds nothing that would lead him to think the computer was a botnet server. John decides to scan the virtual memory of the computer to possibly find something he had missed. What information will the virtual memory scan produce?
A. It contains the times and dates of all the system files
B. It is not necessary to scan the virtual memory of a computer
C. It contains the times and dates of when the system was last patched
D. Hidden running processes
Correct answer: D
Question 3:
Which of these ISO standards defines the file system for optical storage media, such as CD-ROM and DVD-ROM?
A. ISO 13346
B. ISO 13490
C. ISO 9660
D. ISO 9960
Correct answer: C
Question 4:
What type of analysis helps to identify the time and sequence of events in an investigation?
A. Relational
B. Temporal
C. Functional
D. Time-based
Correct answer: B
Question 5:
An on-site incident response team is called to investigate an alleged case of computer tampering within their company. Before proceeding with the investigation, the CEO informs them that the incident will be classified as low level. How long will the team have to respond to the incident?
A. Immediately
B. Two working days
C. One working day
D. Four hours
Correct answer: C
Question 6:
E-mail logs contain which of the following information to help you in your investigation? (Choose four.)
A. unique message identifier
B. user account that was used to send the account
C. date and time the message was sent
D. attachments sent with the e-mail message
E. contents of the e-mail message
Correct answer: A,B,C,E
Question 7:
Andie, a network administrator, suspects unusual network services running on a Windows system. Which of the following commands should he use to verify unusual network services started on a Windows system?
A. lusrmgr
B. net start
C. netmgr
D. net serv
Correct answer: B
Question 8:
Corporate investigations are typically easier than public investigations because:
A. the users can load whatever they want on their machines
B. the investigator does not have to get a warrant
C. the users have standard corporate equipment and software
D. the investigator has to get a warrant
Correct answer: B
秋月** -
I purchased the product a while ago. I took the exam today and passed without any trouble. I am so glad I was able to pass 312-49v9.