Computer Hacking Forensic Investigator (CHFI v10) Free Practice Exam Questions

595 real Computer Hacking Forensic Investigator (CHFI v10) exam questions with answers and AI explanations. EC-Council certification prep — page 37 of 60.

  1. Question 368: NTFS sets a flag for the file once you encrypt it and creates an EFS attribute where it stores Data Decryption Field (DDF) and Data Recovery Field (DDR). Which…
  2. Question 369: Which of the following is a tool to reset Windows admin password?
  3. Question 370: Select the data that a virtual memory would store in a Windows-based system.
  4. Question 372: Which among the following search warrants allows the first responder to search and seize the victim's computer components such as hardware, software, storage d…
  5. Question 373: The MAC attributes are timestamps that refer to a time at which the file was last modified or last accessed or originally created. Which of the following file…
  6. Question 374: Which of the following statements is TRUE with respect to the Registry settings in the user start-up folder HKEY_CURRENT_USER\Software\Microsoft\Windows \Curre…
  7. Question 375: Which Linux command when executed displays kernel ring buffers or information about device drivers loaded into the kernel?
  8. Question 376: James, a hacker, identifies a vulnerability in a website. To exploit the vulnerability, he visits the login page and notes down the session ID that is created.…
  9. Question 377: What does the bytes 0x0B-0x53 represent in the boot sector of NTFS volume on Windows 2000?
  10. Question 378: What does the Rule 101 of Federal Rules of Evidence states?