Exam (elaborations)
CHFI study guide Questions with 100% Correct Verified Answers
- Course
- Institution
CHFI study guide Questions with 100% Correct Verified Answers
[Show more]
Seller
Follow
Content preview
CHFI study guide Questions with 100%Correct Verified Answers
Which command displays the network configuration of the NICs on the system? -
✅ipconfig /all
Which of the following is a Linux journaling file system: Ext3, HFS, FAT, or BFS? - ✅Ext3
which steganography types hides the secret message pattern on the document that is unclear
to the average reader? - ✅Open code steganography
Which table is used to convert huge word lists into password hashes? - ✅Rainbow tables
Which communication standard is used in serial communication data acquisition system? -
✅RS232
What approach checks and compares all the fields systematically and intentionally for
positive and negative correlation with each other to determine the correlation across one or
multiple fields? - ✅Automated field correlation approach
Attackers can manipulate variables that reference files with "dot-dot-slash (./)"
identity the attack referred - ✅Directory traversal
, The electronic serial number (ESN) is a unique _______ bit identifier recorded on a secure chip
in a mobile phone by the manufacturer. - ✅32-bit identifier
Who is responsible for collecting, preserving, and packaging electronic evidence? -
✅Forensic Laboratory staff
which task list command provides information about the listed processes, including the
image name, PID, name, and number of the session for the process? - ✅tasklist/V
What does event ID 531 in Windows security event logs indicate? - ✅A logon attempt
was made with a disabled account.
When collecting evidence from the RAM, where do you look for data? - ✅Swap file
The source, nature, and time of the attack can be determined by analyzing what on a
compromised system? - ✅log files
how many bytes are on a sector on a hard disk? - ✅512 bytes
What is chain of custody? - ✅A legal document that demonstrates progression of evidence
as it travels from original evidence to the forensic laboratory
Which RAID level has distributed parity? - ✅RAID level 5
Email spoofing refers to: - ✅The forgery of an email header so that the message appears
to have originated from someone or somewhere other than the actual source.
Which device in a wireless local area network (WLAN) determines the next network point
to which a packet should be forwarded toward its destination? - ✅Wireless router
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller KenAli. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
77254 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now