312-49v10 Free Practice Test

- (Exam Topic 1)
An Employee is suspected of stealing proprietary information belonging to your company that he had no rights to possess. The information was stored on the Employees Computer that was protected with the NTFS Encrypted File System (EFS) and you had observed him copy the files to a floppy disk just before leaving work for the weekend. You detain the Employee before he leaves the building and recover the floppy disks and secure his computer. Will you be able to break the encryption so that you can verify that that the employee was in possession of the proprietary information?

1. A. EFS uses a 128-bit key that can't be cracked, so you will not be able to recover the information
2. B. When the encrypted file was copied to the floppy disk, it was automatically unencrypted, so you can recover the information.
3. C. The EFS Revoked Key Agent can be used on the Computer to recover the information
4. D. When the Encrypted file was copied to the floppy disk, the EFS private key was also copied to the floppy disk, so you can recover the information.

Correct Answer: B

- (Exam Topic 3)
Adam, a forensic analyst, is preparing VMs for analyzing a malware. Which of the following is NOT a best practice?

1. A. Isolating the host device
2. B. Installing malware analysis tools
3. C. Using network simulation tools
4. D. Enabling shared folders

Correct Answer: D

- (Exam Topic 1)
When a file is deleted by Windows Explorer or through the MS-DOS delete command, the operating system inserts ______ in the first letter position of the filename in the FAT database.

1. A. A Capital X
2. B. A Blank Space
3. C. The Underscore Symbol
4. D. The lowercase Greek Letter Sigma (s)

Correct Answer: D

- (Exam Topic 2)
What does 254 represent in ICCID 89254021520014515744?

1. A. Industry Identifier Prefix
2. B. Country Code
3. C. Individual Account Identification Number
4. D. Issuer Identifier Number

Correct Answer: B

- (Exam Topic 2)
How many possible sequence number combinations are there in TCP/IP protocol?

1. A. 1 billion
2. B. 320 billion
3. C. 4 billion
4. D. 32 million

Correct Answer: C