Dumpsbuddy logo
You are a security analyst performing reconnaissance on a company you will be carrying out a penetration test for. You conduct a search for IT jobs on Dice.com and find the following information for an open position:
7+ years experience in Windows Server environment
5+ years experience in Exchange 2000/2003 environment
Experience with Cisco Pix Firewall, Linksys 1376 router, Oracle 11i and MYOB v3.4 Accounting software are required MCSA desired,
MCSE, CEH preferred
No Unix/Linux Experience needed
What is this information posted on the job website considered?
Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the axfr and ixfr commands using DIG. What is Simon trying to accomplish here?
You are working on a thesis for your doctorate degree in Computer Science. Your thesis is based on HTML, DHTML, and other web-based languages and how they have evolved over the years. You navigate to archive.org and view the HTML code of news.com. You then navigate to the current news.com website and copy over the source code. While searching through the code, you come across something abnormal:
What have you found?
Michael works for Kimball Construction Company as senior security analyst. As part of yearly security audit, Michael scans his network for vulnerabilities. Using Nmap, Michael conducts XMAS scan and most of the ports scanned do not give a response. In what state are these ports?
In a forensic examination of hard drives for digital evidence, what type of user is most likely to have the most file slack to analyze?
When examining a file with a Hex Editor, what space does the file header occupy?
You are using DriveSpy, a forensic tool and want to copy 150 sectors where the starting sector is 1709 on the primary hard drive. Which of the following formats correctly specifies these sectors?
Which is a standard procedure to perform during all computer forensics investigations?
How many characters long is the fixed-length MD5 algorithm checksum of a critical system file?
Which legal document allows law enforcement to search an office, place of business, or other locale for evidence relating to an alleged crime?
You are trying to locate Microsoft Outlook Web Access Default Portal using Google search on the Internet. What search string will you use to locate them?
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?
You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company's clients. You have rummaged through their trash and found very little information. You do not want to set off any alarms on their network, so you plan on performing passive footprinting against their Web servers. What tool should you use?
On Linux/Unix based Web servers, what privilege should the daemon service be run under?
Meyer Electronics Systems just recently had a number of laptops stolen out of their office. On these laptops contained sensitive corporate information regarding patents and company strategies. A month after the laptops were stolen, a competing company was found to have just developed products that almost exactly duplicated products that Meyer produces. What could have prevented this information from being stolen from the laptops?
What will the following command produce on a website login page?What will the following command produce on a website? login page?
SELECT email, passwd, login_id, full_name
FROM members
WHERE email = 'someone@somehwere.com'; DROP TABLE members; --'
____________________ is simply the application of Computer Investigation and analysis techniques in the interests of determining potential legal evidence.
Which of the following refers to the data that might still exist in a cluster even though the original file has been overwritten by another file?
The use of warning banners helps a company avoid litigation by overcoming an employees assumed
____________ When connecting to the company‟s intranet, network or Virtual Private Network(VPN) and will allow the company‟s investigators to monitor, search and retrieve information stored within the network.
Volatile Memory is one of the leading problems for forensics. Worms such as code Red are memory resident and do write themselves to the hard drive, if you turn the system off they disappear. In a lab environment, which of the following options would you suggest as the most appropriate to overcome the problem of capturing volatile memory?
The ____________________ refers to handing over the results of private investigations to the authorities because of indications of criminal activity.
When using Windows acquisitions tools to acquire digital evidence, it is important to use a well- tested hardware write-blocking device to:
What information do you need to recover when searching a victims computer for a crime committed with specific e-mail message?
You have been asked to investigate the possibility of computer fraud in the finance department of a company. It is suspected that a staff member has been committing finance fraud by printing cheques that have not been authorizeD. You have exhaustively searched all data files on a bitmap image of the target computer, but have found no evidence. You suspect the files may not have been saveD. What should you examine next in this case?
In conducting a computer abuse investigation you become aware that the suspect of the investigation is using ABC Company as his Internet Service Provider (ISP). You contact ISP and request that they provide you assistance with your investigation. What assistance can the ISP provide?
Microsoft Outlook maintains email messages in a proprietary format in what type of file?
You are called by an author who is writing a book and he wants to know how long the copyright for his book will last after he has the book published?
TESTED 03 Dec 2024
