EC-COUNCIL EC-Council Digital Forensics Essentials (DFE) - 112-57: Try the Free Dump Questions
Given below are different steps involved in event correlation.
Event masking
Event aggregation
Root cause analysis
Event filtering
Identify the correct sequence of steps involved in event correlation.
Answer: A
Bob, a security specialist at an organization, extracted the following IIS log from a Windows-based server:
"2019-12-12 06:11:41 192.168.0.10 GET /images/content/bg_body1.jpg - 80 - 192.168.0.27 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/48.0.2564.103+Safari/537.36 http://www.moviescope.com/css/style.css 200 0 0 365"
Identify the element in the above IIS log entry that indicates the request was fulfilled without error.
Answer: D
Which of the following data acquisition formats supports the Lempel-Ziv-Markov chain (LZMA) algorithm for compression?
Answer: B
An investigator wants to extract information about the status of the network interface cards (NICs) in an organization's Windows-based systems. Identify the command-line utility that can help the investigator detect the network status.
Answer: C
Which of the following commands can an investigator use to parse GPTs of both types of hard disks, including those formatted with either UEFI or MBR?
Answer: B
Bob, a professional hacker, targeted an organization to launch attacks. Bob gathered information such as network topology and a list of live hosts. Based on the collected information, he launched further attacks over the organization's network.
Identify the type of network attack Bob initiated on the target organization in the above scenario.
Answer: C
While investigating a web attack on a Windows-based server, Jessy executed the following command on her system:
C:\> net view <\\10.10.10.11>
What was Jessy's objective in running the above command?
Answer: B
Kelvin, a forensic investigator at FinCorp Ltd., was investigating a cybercrime against the company. As part of the investigation process, he needs to recover corrupted and deleted files from a Windows system. Kelvin decided to use an automated tool to recover the damaged, corrupted, or deleted files.
Which of the following forensic tools can help Kelvin in recovering deleted files?
Answer: C