An intrusion detection system (IDS) gathers and analyzes information from within a computer or a network to identify any possible violations of security policy, including unauthorized access, as well as misuse.
Which of the following intrusion detection systems audit events that occur on a specific host?
A. Network-based intrusion detection
B. Host-based intrusion detection
C. Log file monitoring
D. File integrity checking
Microsoft Security IDs are available in Windows Registry Editor. The path to locate IDs in Windows 7 is:
A. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Currentversion\ProfileList
B. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList
C. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentsVersion\setup
D. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule
How many times can data be written to a DVD+R disk?
A. Twice
B. Once
C. Zero
D. Infinite
What type of equipment would a forensics investigator store in a StrongHold bag?
A. PDA
B. Backup tapes
C. Hard drives
D. Wireless cards
Kyle is performing the final testing of an application he developed for the accounting department. His last round of testing is to ensure that the program is as secure as possible. Kyle runs the following command. What is he testing at this point?

    #include <stdio.h>
    #include <string.h>

    int main(int argc, char *argv[])
    {
        char buffer[10];
        if (argc < 2) {
            fprintf(stderr, "USAGE: %s string\n", argv[0]);
            return 1;
        }
        strcpy(buffer, argv[1]);
        return 0;
    }

A. SQL injection
B. Format string bug
C. Buffer overflow
D. Kernel injection
While analyzing a hard disk, the investigator finds that the file system does not use UEFI-based interface. Which of the following operating systems is present on the hard disk?
A. Windows 10
B. Windows 8
C. Windows 7
D. Windows 8.1
You have been given the task to investigate web attacks on a Windows-based server. Which of the following commands will you use to look at the sessions the machine has opened with other systems?
A. Net sessions
B. Net config
C. Net share
D. Net use
Which MySQL log file contains information on server start and stop?
A. Slow query log file
B. General query log file
C. Binary log
D. Error log file
The process of restarting a computer that is already turned on through the operating system is called?
A. Warm boot
B. Ice boot
C. Hot Boot
D. Cold boot
Gary is checking for the devices connected to USB ports of a suspect system during an investigation. Select the appropriate tool that will help him document all the connected devices.
A. DevScan
B. Devcon
C. fsutil
D. Reg.exe