- Email support@dumps4free.com
Topic 1: Exam Set A
International Mobile Equipment Identifier (IMEI) is a 15-dlgit number that indicates the
manufacturer, model type, and country of approval for GSM devices. The first eight digits of
an IMEI number that provide information about the model and origin of the mobile device is
also known as:
A.
Type Allocation Code (TAC)
B.
Device Origin Code (DOC)
C.
Manufacturer identification Code (MIC)
D.
Integrated Circuit Code (ICC)
Type Allocation Code (TAC)
Network forensics allows Investigators to inspect network traffic and logs to identify and
locate the attack system
Network forensics can reveal: (Select three answers)
A.
Source of security incidents’ and network attacks
B.
Path of the attack
C.
Intrusion techniques used by attackers
D.
Hardware configuration of the attacker's system
Source of security incidents’ and network attacks
Path of the attack
Intrusion techniques used by attackers
The IIS log file format is a fixed (cannot be customized) ASCII text-based format. The IIS
format includes basic items, such as client IP address, user name, date and time, service
and instance, server name and IP address, request type, target of operation, etc. Identify
the service status code from the following IIS log.
192.168.100.150, -, 03/6/11, 8:45:30, W3SVC2, SERVER, 172.15.10.30, 4210, 125, 3524,
100, 0, GET, /dollerlogo.gif,
A.
W3SVC2
B.
4210
C.
3524
D.
100
100
What is the "Best Evidence Rule"?
A.
It states that the court only allows the original evidence of a document, photograph, or
recording at the trial rather than a copy
B.
It contains system time, logged-on user(s), open files, network information, process
information, process-to-port mapping, process memory, clipboard contents, service/driver
information, and command history
C.
It contains hidden files, slack space, swap file, index.dat files, unallocated clusters,
unused partitions, hidden partitions, registry settings, and event logs
D.
It contains information such as open network connection, user logout, programs that
reside in memory, and cache data
It states that the court only allows the original evidence of a document, photograph, or
recording at the trial rather than a copy
Jason, a renowned forensic investigator, is investigating a network attack that resulted in
the compromise of several systems in a reputed multinational's network. He started
Wireshark to capture the network traffic. Upon investigation, he found that the DNS packets
travelling across the network belonged to a non-company configured IP. Which of the
following attack Jason can infer from his findings?
A.
DNS Poisoning
B.
Cookie Poisoning Attack
C.
DNS Redirection
D.
Session poisoning
DNS Poisoning
| Page 21 out of 98 Pages |
| Previous |