PrepAway - Latest Free Exam Questions & Answers

Category: 312-49 (v.1)

Exam 312-49: Computer Hacking Forensic Investigator

What can the investigator do to prove the violation?

A suspect is accused of violating the acceptable use of computing resources, as he has visited adult websites and downloaded images. The investigator wants to demonstrate that the suspect did indeed visit these sites. However, the suspect has cleared the search history and emptied the cookie cache. Moreover, he has removed any images he might have downloaded.

What can the investigator do to prove the violation? Choose the most feasible option.

What would this attack on the company? PBX system be called?

Cylie is investigating a network breach at a state organization in Florida. She discovers that the intruders were able to gain access into the company firewalls by overloading them with IP packets.
Cylie then discovers through her investigation that the intruders hacked into the company phone system and used the hard drives on their PBX system to store shared music files.

What would this attack on the company? PBX system be called?

What can you do to prove that the evidence is the same as it was when it first entered the lab?

You are assigned to work in the computer forensics lab of a state police agency. While working on a high profile criminal case, you have followed every applicable procedure, however your boss is still concerned that the defense attorney might question wheather evidence has been changed while at the lab.

What can you do to prove that the evidence is the same as it was when it first entered the lab?

What is the name of the service used to synchronize time among multiple computers?

When monitoring for both intrusion and security events between multiple computers, it is essential that the computers’ clocks are synchronized.
Synchronized time allows an administrator to reconstruct what took place during an attack against multiple computers.
Without synchronized time, it is very difficult to determine exactly when specific events took place, and how events interlace.

What is the name of the service used to synchronize time among multiple computers?

What do you think would be the next sequence of events?

Chris has been called upon to investigate a hacking incident reported by one of his clients. The company suspects the involvement of an insider accomplice in the attack. Upon reaching the incident scene, Chris secures the physical area, records the scene using visual media. He shuts the system down by pulling the power plug so that he does not disturb the system in any way. He labels all cables and connectors prior to disconnecting any.

What do you think would be the next sequence of events?


Page 5 of 15« First...34567...10...Last »