CHFI v9 Exam With Complete Solutions 100%
Correct Latest Update
Which of the following is used to find dynamically linked lists off an application or
malware?
A. SysAnalyzer
B. PEiD
C. DependencyWalker
D. ResourcesExtract - ANSWER DependencyWalker
Why is an obfuscator used in malware?
A. Transforming malware into a media file
B. Performing malicious code execution in the system
C. Propagation of malware across other connected devices.
D. Making the malware evade the detection by security mechanisms - ANSWER Making
the malware evade the detection by security mechanisms
Gary is performing an investigation and wants to check the devices that were connected
to the USB ports of a suspect system. Choose the appropriate tool that would help him
document all the connected devices.
A. Drivespy
B. fsutil
C. Devcon
D. Reg.exe - ANSWER Devcon
Richard is performing volatile data extraction from a system and uses the command
,doskey/history. What is he trying to extract?
A. History of the browser
B. Passwords used across the system
C. Events history
D. Previously typed commands - ANSWER Previously typed commands
Gary a computer technician is accused of abusing children online by making friendship
with them and transmitting illicit adult images from his office computer. What type of
investigation is this.
A. Criminal Investigation
B. Administrative Investigation
C. Civil Investigation
D. Both Criminal and Administrative Investigation - ANSWER Both criminal and
investigation
What is the size value of a nibble
A. 0.5 bit
B. 2 bits
C. 0.5 byte
D. 0.5 Kilo byte - ANSWER .5 byte
Which among the following search warrants allow the first responder to search and
seize the victims computer components such as hardware, software, storage devices
and documentation
A. Service Provider Search Warrant
,B. Citizen Informant Search Warrant
C. John Doe Search Warrant
D. Electronic Storage Device Search Warrant - ANSWER Electronic Storage Device
Search Warrant
BMP, for Bitmap, is a standard file format for computers that run the Windows operating
system. BMP images can be in black and white (1 bit per pixel) to 24-bit color (16.7
million colors). Each bitmap file contains a header, RGBQUAD array, information
header, and image data. Which of the following element specifies dimensions, the type
of compression to apply, and the color format for the bitmap.
A. Information header
B. The RGBQUAD array
C. Header
D. Image data
ANSWER Information Header
Buffer overflow vulnerability of web applications happens when it is unable to protect its
buffer and allows writing beyond its maximum size. Thus, it overwrites ______.There are
multiple types of buffer overflow., such as Heap Buffer Overflow and a Format String
Attack.
A. Adjacent bit blocks
B. Adjacent memory locations
C. Adjacent string locations
D. Adjacent string locations
ANSWER Adjacent Memory Locations
What does 254 represent in ICCID 89254021520014515744
, A. Issuer Identifier Number
B. Industry Identifier Prefix
C. Individual Account Identification Number
D. Country Code - ANSWER Country Code
A forensic examiner is analyzing a Window system seized from a crime scene. During
the analysis of a
suspect file, he found out that the file is password protected. He tried guessing the
password using the
suspect's available information but without any success. Which of the following tool can
help the investigator to
solve this issue?
A. Cain & Abel
B. Xplico
C. Colasoft's Capsa
D. Recuva - ANSWER Cain & Abel
Which of the following files DOES NOT use Object Linking and Embedding (OLE)
technology to embed and
link to other objects?
A. MS-office Word Document
B. MS-office Word PowerPoint
C. Portable Document Format
D. MS-office Word OneNote - ANSWER Portable Document Format (PDF)
Lynne gets the following e-mail:
Dear !
We are sorry to inform you that your ID has been temporary frozen due to incorrect or
missing information
saved at 2016/11/10 20:40:24
Correct Latest Update
Which of the following is used to find dynamically linked lists off an application or
malware?
A. SysAnalyzer
B. PEiD
C. DependencyWalker
D. ResourcesExtract - ANSWER DependencyWalker
Why is an obfuscator used in malware?
A. Transforming malware into a media file
B. Performing malicious code execution in the system
C. Propagation of malware across other connected devices.
D. Making the malware evade the detection by security mechanisms - ANSWER Making
the malware evade the detection by security mechanisms
Gary is performing an investigation and wants to check the devices that were connected
to the USB ports of a suspect system. Choose the appropriate tool that would help him
document all the connected devices.
A. Drivespy
B. fsutil
C. Devcon
D. Reg.exe - ANSWER Devcon
Richard is performing volatile data extraction from a system and uses the command
,doskey/history. What is he trying to extract?
A. History of the browser
B. Passwords used across the system
C. Events history
D. Previously typed commands - ANSWER Previously typed commands
Gary a computer technician is accused of abusing children online by making friendship
with them and transmitting illicit adult images from his office computer. What type of
investigation is this.
A. Criminal Investigation
B. Administrative Investigation
C. Civil Investigation
D. Both Criminal and Administrative Investigation - ANSWER Both criminal and
investigation
What is the size value of a nibble
A. 0.5 bit
B. 2 bits
C. 0.5 byte
D. 0.5 Kilo byte - ANSWER .5 byte
Which among the following search warrants allow the first responder to search and
seize the victims computer components such as hardware, software, storage devices
and documentation
A. Service Provider Search Warrant
,B. Citizen Informant Search Warrant
C. John Doe Search Warrant
D. Electronic Storage Device Search Warrant - ANSWER Electronic Storage Device
Search Warrant
BMP, for Bitmap, is a standard file format for computers that run the Windows operating
system. BMP images can be in black and white (1 bit per pixel) to 24-bit color (16.7
million colors). Each bitmap file contains a header, RGBQUAD array, information
header, and image data. Which of the following element specifies dimensions, the type
of compression to apply, and the color format for the bitmap.
A. Information header
B. The RGBQUAD array
C. Header
D. Image data
ANSWER Information Header
Buffer overflow vulnerability of web applications happens when it is unable to protect its
buffer and allows writing beyond its maximum size. Thus, it overwrites ______.There are
multiple types of buffer overflow., such as Heap Buffer Overflow and a Format String
Attack.
A. Adjacent bit blocks
B. Adjacent memory locations
C. Adjacent string locations
D. Adjacent string locations
ANSWER Adjacent Memory Locations
What does 254 represent in ICCID 89254021520014515744
, A. Issuer Identifier Number
B. Industry Identifier Prefix
C. Individual Account Identification Number
D. Country Code - ANSWER Country Code
A forensic examiner is analyzing a Window system seized from a crime scene. During
the analysis of a
suspect file, he found out that the file is password protected. He tried guessing the
password using the
suspect's available information but without any success. Which of the following tool can
help the investigator to
solve this issue?
A. Cain & Abel
B. Xplico
C. Colasoft's Capsa
D. Recuva - ANSWER Cain & Abel
Which of the following files DOES NOT use Object Linking and Embedding (OLE)
technology to embed and
link to other objects?
A. MS-office Word Document
B. MS-office Word PowerPoint
C. Portable Document Format
D. MS-office Word OneNote - ANSWER Portable Document Format (PDF)
Lynne gets the following e-mail:
Dear !
We are sorry to inform you that your ID has been temporary frozen due to incorrect or
missing information
saved at 2016/11/10 20:40:24
