1436 お客様のコメント
質問 1:
Sectors in hard disks typically contain how many bytes?
A. 1024
B. 2048
C. 512
D. 256
正解:C
質問 2:
How many characters long is the fixed-length MD5 algorithm checksum of a critical system file?
A. 64
B. 128
C. 16
D. 32
正解:D
質問 3:
You are working in the security Department of law firm. One of the attorneys asks you about the topic of sending fake email because he has a client who has been charged with doing just that. His client alleges that he is innocent and that there is no way for a fake email to actually be sent. You inform the attorney that his client is mistaken and that fake email is possibility and that you can prove it. You return to your desk and craft a fake email to the attorney that appears to come from his boss. What port do you send the email to on the company SMTP server?
A. 25
B. 110
C. 135
D. 10
正解:A
質問 4:
While working for a prosecutor, What do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense ?
A. Destroy the evidence
B. Bring the information to the attention of the prosecutor, his or her supervisor or finally to the judge
C. Present the evidence to the defense attorney
D. Keep the information of file for later review
正解:B
質問 5:
You are conducting an investigation of fraudulent claims in an insurance company that involves complex text searches through large numbers of documents. Which of the following tools would allow you to quickly and efficiently search for a string within a file on the bitmap image of the target computer?
A. Stringsearch
B. vim
C. grep
D. dir
正解:C
質問 6:
You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?
A. Oligomorhic
B. Polymorphic
C. Transmorphic
D. Metamorphic
正解:D
質問 7:
Hackers can gain access to Windows Registry and manipulate user passwords, DNS settings, access rights or others features that they may need in order to accomplish their objectives. One simple method for loading an application at startup is to add an entry (Key) to the following Registry Hive:
A. HKEY_LOCAL_MACHINESoftwareMicrosoftCurrentVersionRun
B. HKEY_LOCAL_USERSSoftware|MicrosoftoldVersionLoad
C. HKEY_CURRENT_USERMicrosoftDefault
D. HKEY_LOCAL_MACHINEhardwarewindowsstart
正解:A
質問 8:
Which is a standard procedure to perform during all computer forensics investigations?
A. with the hard drive in the suspect PC, check the date and time in the File Allocation Table
B. with the hard drive in the suspect PC, check the date and time in the systems CMOS
C. with the hard drive removed from the suspect PC, check the date and time in the systems CMOS
D. with the hard drive removed from the suspect PC, check the date an d time in the systems RAM
正解:C
Sectors in hard disks typically contain how many bytes?
A. 1024
B. 2048
C. 512
D. 256
正解:C
質問 2:
How many characters long is the fixed-length MD5 algorithm checksum of a critical system file?
A. 64
B. 128
C. 16
D. 32
正解:D
質問 3:
You are working in the security Department of law firm. One of the attorneys asks you about the topic of sending fake email because he has a client who has been charged with doing just that. His client alleges that he is innocent and that there is no way for a fake email to actually be sent. You inform the attorney that his client is mistaken and that fake email is possibility and that you can prove it. You return to your desk and craft a fake email to the attorney that appears to come from his boss. What port do you send the email to on the company SMTP server?
A. 25
B. 110
C. 135
D. 10
正解:A
質問 4:
While working for a prosecutor, What do you think you should do if the evidence you found appears to be exculpatory and is not being released to the defense ?
A. Destroy the evidence
B. Bring the information to the attention of the prosecutor, his or her supervisor or finally to the judge
C. Present the evidence to the defense attorney
D. Keep the information of file for later review
正解:B
質問 5:
You are conducting an investigation of fraudulent claims in an insurance company that involves complex text searches through large numbers of documents. Which of the following tools would allow you to quickly and efficiently search for a string within a file on the bitmap image of the target computer?
A. Stringsearch
B. vim
C. grep
D. dir
正解:C
質問 6:
You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?
A. Oligomorhic
B. Polymorphic
C. Transmorphic
D. Metamorphic
正解:D
質問 7:
Hackers can gain access to Windows Registry and manipulate user passwords, DNS settings, access rights or others features that they may need in order to accomplish their objectives. One simple method for loading an application at startup is to add an entry (Key) to the following Registry Hive:
A. HKEY_LOCAL_MACHINESoftwareMicrosoftCurrentVersionRun
B. HKEY_LOCAL_USERSSoftware|MicrosoftoldVersionLoad
C. HKEY_CURRENT_USERMicrosoftDefault
D. HKEY_LOCAL_MACHINEhardwarewindowsstart
正解:A
質問 8:
Which is a standard procedure to perform during all computer forensics investigations?
A. with the hard drive in the suspect PC, check the date and time in the File Allocation Table
B. with the hard drive in the suspect PC, check the date and time in the systems CMOS
C. with the hard drive removed from the suspect PC, check the date and time in the systems CMOS
D. with the hard drive removed from the suspect PC, check the date an d time in the systems RAM
正解:C
秋*忍 -
Pass4Testさんの問題集試験対策には本当に信頼している。おかげ様で合格いたしました。
ありがとうございました。