New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium ECCouncil 312-49v9 Dumps Questions Answers

Page: 1 / 22
Total 589 questions

Computer Hacking Forensic Investigator (v9) Questions and Answers

Question 1

In a computer that has Dropbox client installed, which of the following files related to the Dropbox client store information about local Dropbox installation and the Dropbox user account, along with email IDs linked with the account?

Options:

A.

config.db

B.

install.db

C.

sigstore.db

D.

filecache.db

Buy Now
Question 2

James, a hacker, identifies a vulnerability in a website. To exploit the vulnerability, he visits the login page and notes down the session ID that is created. He appends this session ID to the login URL and shares the link with a victim. Once the victim logs into the website using the shared URL, James reloads the webpage (containing the URL with the session ID appended) and now, he can browse the active session of the victim. Which attack did James successfully execute?

Options:

A.

Cross Site Request Forgery

B.

Cookie Tampering

C.

Parameter Tampering

D.

Session Fixation Attack

Question 3

What is the capacity of Recycle bin in a system running on Windows Vista?

Options:

A.

2.99GB

B.

3.99GB

C.

Unlimited

D.

10% of the partition space

Question 4

Which of the following files store the MySQL database data permanently, including the data that had been deleted, helping the forensic investigator in examining the case and finding the culprit?

Options:

A.

mysql-bin

B.

mysql-log

C.

iblog

D.

ibdata1

Question 5

What do you call the process of studying the changes that have taken place across a system or a machine after a series of actions or incidents?

Options:

A.

Windows Services Monitoring

B.

System Baselining

C.

Start-up Programs Monitoring

D.

Host integrity Monitoring

Question 6

You are asked to build a forensic lab and your manager has specifically informed you to use copper for lining the walls, ceilings, and floor. What is the main purpose of lining the walls, ceilings, and floor with copper?

Options:

A.

To control the room temperature

B.

To strengthen the walls, ceilings, and floor

C.

To avoid electromagnetic emanations

D.

To make the lab sound proof

Question 7

Which of these ISO standards define the file system for optical storage media, such as CD-ROM and DVD-ROM?

Options:

A.

ISO 9660

B.

ISO 13346

C.

ISO 9960

D.

ISO 13490

Question 8

Which of the following tool can reverse machine code to assembly language?

Options:

A.

PEiD

B.

RAM Capturer

C.

IDA Pro

D.

Deep Log Analyzer

Question 9

An investigator has acquired packed software and needed to analyze it for the presence of malice. Which of the following tools can help in finding the packaging software used?

Options:

A.

SysAnalyzer

B.

PEiD

C.

Comodo Programs Manager

D.

Dependency Walker

Question 10

A forensic examiner is examining a Windows system seized from a crime scene. During the examination of a suspect file, he discovered that the file is password protected. He tried guessing the password using the suspect’s available information but without any success. Which of the following tool can help the investigator to solve this issue?

Options:

A.

Cain & Abel

B.

Xplico

C.

Recuva

D.

Colasoft’s Capsa

Question 11

Analyze the hex representation of mysql-bin.000013 file in the screenshot below. Which of the following will be an inference from this analysis?

Options:

A.

A user with username bad_guy has logged into the WordPress web application

B.

A WordPress user has been created with the username anonymous_hacker

C.

An attacker with name anonymous_hacker has replaced a user bad_guy in the WordPress database

D.

A WordPress user has been created with the username bad_guy

Question 12

In Linux OS, different log files hold different information, which help the investigators to analyze various issues during a security incident. What information can the investigators obtain from the log file

var/log/dmesg?

Options:

A.

Kernel ring buffer information

B.

All mail server message logs

C.

Global system messages

D.

Debugging log messages

Question 13

What value of the "Boot Record Signature" is used to indicate that the boot-loader exists?

Options:

A.

AA55

B.

00AA

C.

AA00

D.

A100

Question 14

In a Linux-based system, what does the command “Last -F” display?

Options:

A.

Login and logout times and dates of the system

B.

Last run processes

C.

Last functions performed

D.

Recently opened files

Question 15

Which component in the hard disk moves over the platter to read and write information?

Options:

A.

Actuator

B.

Spindle

C.

Actuator Axis

D.

Head

Question 16

companyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware.

Options:

A.

Source code review

B.

Reviewing the firewalls configuration

C.

Data items and vulnerability scanning

D.

Interviewing employees and network engineers

Question 17

MAC filtering is a security access control methodology, where a ___________ is assigned to each network card to determine access to the network.

Options:

A.

48-bit address

B.

24-bit address

C.

16-bit address

D.

32-bit address

Question 18

When a user deletes a file, the system creates a $I file to store its details. What detail does the $I file not contain?

Options:

A.

File Size

B.

File origin and modification

C.

Time and date of deletion

D.

File Name

Question 19

You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

Options:

A.

All three servers need to be placed internally

B.

A web server and the database server facing the Internet, an application server on the internal network

C.

A web server facing the Internet, an application server on the internal network, a database server on the internal network

D.

All three servers need to face the Internet so that they can communicate between themselves

Question 20

Buffer overflow vulnerabilities, of web applications, occurs when the application fails to guard its buffer properly and allows writing beyond its maximum size. Thus, it overwrites the _________. There are multiple forms of buffer overflow, including a Heap Buffer Overflow and a Format String Attack.

Options:

A.

Adjacent buffer locations

B.

Adjacent string locations

C.

Adjacent bit blocks

D.

Adjacent memory locations

Question 21

Which of the following file system uses Master File Table (MFT) database to store information about every file and directory on a volume?

Options:

A.

FAT File System

B.

ReFS

C.

exFAT

D.

NTFS File System

Question 22

While collecting Active Transaction Logs using SQL Server Management Studio, the query Select * from ::fn_dblog(NULL, NULL) displays the active portion of the transaction log file. Here, assigning NULL values implies?

Options:

A.

Start and end points for log sequence numbers are specified

B.

Start and end points for log files are not specified

C.

Start and end points for log files are specified

D.

Start and end points for log sequence numbers are not specified

Question 23

Which of the following email headers specifies an address for mailer-generated errors, like "no such user" bounce messages, to go to (instead of the sender's address)?

Options:

A.

Mime-Version header

B.

Content-Type header

C.

Content-Transfer-Encoding header

D.

Errors-To header

Question 24

Which among the following tools can help a forensic investigator to access the registry files during postmortem analysis?

Options:

A.

RegistryChangesView

B.

RegDIIView

C.

RegRipper

D.

ProDiscover

Question 25

Which ISO Standard enables laboratories to demonstrate that they comply with quality assurance and provide valid results?

Options:

A.

ISO/IEC 16025

B.

ISO/IEC 18025

C.

ISO/IEC 19025

D.

ISO/IEC 17025

Question 26

If the partition size is 4 GB, each cluster will be 32 K. Even if a file needs only 10 K, the entire 32 K will be allocated, resulting in 22 K of ________.

Options:

A.

Slack space

B.

Deleted space

C.

Sector space

D.

Cluster space

Question 27

During the trial, an investigator observes that one of the principal witnesses is severely ill and cannot be present for the hearing. He decides to record the evidence and present it to the court. Under which rule should he present such evidence?

Options:

A.

Rule 1003: Admissibility of Duplicates

B.

Limited admissibility

C.

Locard’s Principle

D.

Hearsay

Question 28

Gary is checking for the devices connected to USB ports of a suspect system during an investigation. Select the appropriate tool that will help him document all the connected devices.

Options:

A.

DevScan

B.

Devcon

C.

fsutil

D.

Reg.exe

Question 29

Jim’s company regularly performs backups of their critical servers. But the company can’t afford to send backup tapes to an off-site vendor for long term storage and archiving. Instead Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes aren’t stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

Options:

A.

Encrypt the backup tapes and use a courier to transport them.

B.

Encrypt the backup tapes and transport them in a lock box

C.

Degauss the backup tapes and transport them in a lock box.

D.

Hash the backup tapes and transport them in a lock box.

Question 30

What do you call the process in which an attacker uses magnetic field over the digital media device to delete any previously stored data?

Options:

A.

Disk deletion

B.

Disk cleaning

C.

Disk degaussing

D.

Disk magnetization

Question 31

What is the CIDR from the following screenshot?

Options:

A.

/24A./24A./24

B.

/32 B./32 B./32

C.

/16 C./16 C./16

D.

/8D./8D./8

Question 32

To check for POP3 traffic using Ethereal, what port should an investigator search by?

Options:

A.

143

B.

25

C.

110

D.

125

Question 33

Which of the following files DOES NOT use Object Linking and Embedding (OLE) technology to embed and link to other objects?

Options:

A.

Portable Document Format

B.

MS-office Word Document

C.

MS-office Word OneNote

D.

MS-office Word PowerPoint

Question 34

While searching through a computer under investigation, you discover numerous files that appear to have had the first letter of the file name replaced by the hex code byte 5h. What does this indicate on the computer?

Options:

A.

The files have been marked as hidden

B.

The files have been marked for deletion

C.

The files are corrupt and cannot be recovered

D.

The files have been marked as read-only

Question 35

An expert witness is a __________________ who is normally appointed by a party to assist the formulation and preparation of a party’s claim or defense.

Options:

A.

Expert in criminal investigation

B.

Subject matter specialist

C.

Witness present at the crime scene

D.

Expert law graduate appointed by attorney

Question 36

What advantage does the tool Evidor have over the built-in Windows search?

Options:

A.

It can find deleted files even after they have been physically removed

B.

It can find bad sectors on the hard drive

C.

It can search slack space

D.

It can find files hidden within ADS

Question 37

An investigator is searching through the firewall logs of a company and notices ICMP packets that are larger than 65,536 bytes. What type of activity is the investigator seeing?

Options:

A.

Smurf

B.

Ping of death

C.

Fraggle

D.

Nmap scan

Question 38

Which of the following tool enables data acquisition and duplication?

Options:

A.

Colasoft’s Capsa

B.

DriveSpy

C.

Wireshark

D.

Xplico

Question 39

Which of the following files stores information about a local Google Drive installation such as User email ID, Local Sync Root Path, and Client version installed?

Options:

A.

filecache.db

B.

config.db

C.

sigstore.db

D.

Sync_config.db

Question 40

What will the following Linux command accomplish?

dd if=/dev/mem of=/home/sam/mem.bin bs=1024

Options:

A.

Copy the master boot record to a file

B.

Copy the contents of the system folder to a file

C.

Copy the running memory to a file

D.

Copy the memory dump file to an image file

Question 41

At what layer does a cross site scripting attack occur on?

Options:

A.

Presentation

B.

Application

C.

Session

D.

Data Link

Question 42

Annie is searching for certain deleted files on a system running Windows XP OS. Where will she find the files if they were not completely deleted from the system?

Options:

A.

C: $Recycled.Bin

B.

C: \$Recycle.Bin

C.

C:\RECYCLER

D.

C:\$RECYCLER

Question 43

To which phase of the Computer Forensics Investigation Process does the Planning and Budgeting of a Forensics Lab belong?

Options:

A.

Post-investigation Phase

B.

Reporting Phase

C.

Pre-investigation Phase

D.

Investigation Phase

Question 44

Which of the following tool captures and allows you to interactively browse the traffic on a network?

Options:

A.

Security Task Manager

B.

Wireshark

C.

ThumbsDisplay

D.

RegScanner

Question 45

John is working as a computer forensics investigator for a consulting firm in Canada. He is called to seize a computer at a local web caf purportedly used as a botnet server. John thoroughly scans the computer and finds nothing that would lead him to think the computer was a botnet server. John decides to scan the virtual memory of the computer to possibly find something he had missed. What information will the virtual memory scan produce?

Options:

A.

It contains the times and dates of when the system was last patched

B.

It is not necessary to scan the virtual memory of a computer

C.

It contains the times and dates of all the system files

D.

Hidden running processes

Question 46

Jacob is a computer forensics investigator with over 10 years experience in investigations and has written over 50 articles on computer forensics. He has been called upon as a qualified witness to testify the accuracy and integrity of the technical log files gathered in an investigation into computer fraud. What is the term used for Jacob testimony in this case?

Options:

A.

Justification

B.

Authentication

C.

Reiteration

D.

Certification

Question 47

What is the primary function of the tool CHKDSK in Windows that authenticates the file system reliability of a volume?

Options:

A.

Repairs logical file system errors

B.

Check the disk for hardware errors

C.

Check the disk for connectivity errors

D.

Check the disk for Slack Space

Question 48

The following is a log file screenshot from a default installation of IIS 6.0.

What time standard is used by IIS as seen in the screenshot?

Options:

A.

UTC

B.

GMT

C.

TAI

D.

UT

Question 49

What must an investigator do before disconnecting an iPod from any type of computer?

Options:

A.

Unmount the iPod

B.

Mount the iPod

C.

Disjoin the iPod

D.

Join the iPod

Question 50

What feature of Windows is the following command trying to utilize?

Options:

A.

White space

B.

AFS

C.

ADS

D.

Slack file

Question 51

Tyler is setting up a wireless network for his business that he runs out of his home. He has followed all the directions from the ISP as well as the wireless router manual. He does not have any encryption set and the SSID is being broadcast. On his laptop, he can pick up the wireless signal for short periods of time, but then the connection drops and the signal goes away.

Eventually the wireless signal shows back up, but drops intermittently. What could be Tyler issue with his home wireless network?

Options:

A.

Computers on his wired network

B.

Satellite television

C.

2.4Ghz Cordless phones

D.

CB radio

Question 52

In a virtual test environment, Michael is testing the strength and security of BGP using multiple routers to mimic the backbone of the Internet. This project will help him write his doctoral thesis on "bringing down the Internet". Without sniffing the traffic between the routers, Michael sends millions of RESET packets to the routers in an attempt to shut one or all of them down. After a few hours, one of the routers finally shuts itself down. What will the other routers communicate between themselves?

Options:

A.

The change in the routing fabric to bypass the affected router

B.

More RESET packets to the affected router to get it to power back up

C.

RESTART packets to the affected router to get it to power back up

D.

STOP packets to all other routers warning of where the attack originated

Question 53

If you are concerned about a high level of compression but not concerned about any possible data loss, what type of compression would you use?

Options:

A.

Lossful compression

B.

Lossy compression

C.

Lossless compression

D.

Time-loss compression

Question 54

A forensics investigator needs to copy data from a computer to some type of removable media so he can examine the information at another location. The problem is that the data is around 42GB in size. What type of removable media could the investigator use?

Options:

A.

Blu-Ray single-layer

B.

HD-DVD

C.

Blu-Ray dual-layer

D.

DVD-18

Question 55

Which of the following Event Correlation Approach checks and compares all the fields systematically and intentionally for positive and negative correlation with each other to determine the correlation across one or multiple fields?

Options:

A.

Rule-Based Approach

B.

Automated Field Correlation

C.

Field-Based Approach

D.

Graph-Based Approach

Question 56

Which password cracking technique uses every possible combination of character sets?

Options:

A.

Rainbow table attack

B.

Brute force attack

C.

Rule-based attack

D.

Dictionary attack

Question 57

Which of the following technique creates a replica of an evidence media?

Options:

A.

Data Extraction

B.

Backup

C.

Bit Stream Imaging

D.

Data Deduplication

Question 58

Ivanovich, a forensics investigator, is trying to extract complete information about running processes from a system. Where should he look apart from the RAM and virtual memory?

Options:

A.

Swap space

B.

Application data

C.

Files and documents

D.

Slack space

Question 59

Which of the following are small pieces of data sent from a website and stored on the user’s computer by the user’s web browser to track, validate, and maintain specific user information?

Options:

A.

Temporary Files

B.

Open files

C.

Cookies

D.

Web Browser Cache

Question 60

Where are files temporarily written in Unix when printing?

Options:

A.

/usr/spool

B.

/var/print

C.

/spool

D.

/var/spool

Question 61

Printing under a Windows Computer normally requires which one of the following files types to be created?

Options:

A.

EME

B.

MEM

C.

EMF

D.

CME

Question 62

What is kept in the following directory? HKLM\SECURITY\Policy\Secrets

Options:

A.

Cached password hashes for the past 20 users

B.

Service account passwords in plain text

C.

IAS account names and passwords

D.

Local store PKI Kerberos certificates

Question 63

You are working as Computer Forensics investigator and are called by the owner of an accounting firm to investigate possible computer abuse by one of the firm’s employees. You meet with the owner of the firm and discover that the company has never published a policy stating that they reserve the right to inspect their computing assets at will. What do you do?

Options:

A.

Inform the owner that conducting an investigation without a policy is not a problem because the company is privately owned

B.

Inform the owner that conducting an investigation without a policy is a violation of the 4th amendment

C.

Inform the owner that conducting an investigation without a policy is a violation of the employee’s expectation of privacy

D.

Inform the owner that conducting an investigation without a policy is not a problem because a policy is only necessary for government agencies

Question 64

What does mactime, an essential part of the coroner's toolkit do?

Options:

A.

It traverses the file system and produces a listing of all files based on the modification, access and change timestamps

B.

It can recover deleted file space and search it for data. However, it does not allow the investigator to preview them

C.

The tools scans for i-node information, which is used by other tools in the tool kit

D.

It is too specific to the MAC OS and forms a core component of the toolkit

Question 65

Office Documents (Word, Excel and PowerPoint) contain a code that allows tracking the MAC or unique identifier of the machine that created the document. What is that code called?

Options:

A.

Globally unique ID

B.

Microsoft Virtual Machine Identifier

C.

Personal Application Protocol

D.

Individual ASCII string

Question 66

Area density refers to:

Options:

A.

the amount of data per disk

B.

the amount of data per partition

C.

the amount of data per square inch

D.

the amount of data per platter

Question 67

When examining a file with a Hex Editor, what space does the file header occupy?

Options:

A.

the last several bytes of the file

B.

the first several bytes of the file

C.

none, file headers are contained in the FAT

D.

one byte at the beginning of the file

Question 68

A packet is sent to a router that does not have the packet destination address in its route table.

How will the packet get to its proper destination?

Options:

A.

Root Internet servers

B.

Border Gateway Protocol

C.

Gateway of last resort

D.

Reverse DNS

Question 69

A law enforcement officer may only search for and seize criminal evidence with _______________________, which are facts or circumstances that would lead a reasonable person to believe a crime has been committed or is about to be committed, evidence of the specific crime exists and the evidence of the specific crime exists at the place to be searched.

Options:

A.

Mere Suspicion

B.

A preponderance of the evidence

C.

Probable cause

D.

Beyond a reasonable doubt

Question 70

You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities: When you type this and click on search, you receive a pop-up window that says: "This is a test."

What is the result of this test?

Options:

A.

Your website is vulnerable to CSS

B.

Your website is not vulnerable

C.

Your website is vulnerable to SQL injection

D.

Your website is vulnerable to web bugs

Question 71

Why are Linux/Unix based computers better to use than Windows computers for idle scanning?

Options:

A.

Linux/Unix computers are easier to compromise

B.

Linux/Unix computers are constantly talking

C.

Windows computers are constantly talking

D.

Windows computers will not respond to idle scans

Question 72

When performing a forensics analysis, what device is used to prevent the system from recording data on an evidence disk?

Options:

A.

a write-blocker

B.

a protocol analyzer

C.

a firewall

D.

a disk editor

Question 73

You are working for a local police department that services a population of 1,000,000 people and you have been given the task of building a computer forensics lab. How many law-enforcement computer investigators should you request to staff the lab?

Options:

A.

8

B.

1

C.

4

D.

2

Question 74

As a CHFI professional, which of the following is the most important to your professional reputation?

Options:

A.

Your Certifications

B.

The correct, successful management of each and every case

C.

The free that you charge

D.

The friendship of local law enforcement officers

Question 75

What is the name of the Standard Linux Command that is also available as windows application that can be used to create bit-stream images?

Options:

A.

mcopy

B.

image

C.

MD5

D.

dd

Question 76

With the standard Linux second extended file system (Ext2fs), a file is deleted when the inode internal link count reaches ________.

Options:

A.

0

B.

10

C.

100

D.

1

Question 77

You are assisting in the investigation of a possible Web Server Hack. The company who called you stated that customers reported to them that whenever they entered the web address of the company in their browser, what they received was a porno graphic web site. The company checked the web server and nothing appears wrong. When you type in the IP address of the web site in your browser everything appears normal. What is the name of the attack that affects the DNS cache of the name resolution servers, resulting in those servers directing users to the wrong web site?

Options:

A.

ARP Poisoning

B.

DNS Poisoning

C.

HTTP redirect attack

D.

IP Spoofing

Question 78

Which legal document allows law enforcement to search an office, place of business, or other locale for evidence relating to an alleged crime?

Options:

A.

bench warrant

B.

wire tap

C.

subpoena

D.

search warrant

Question 79

What should you do when approached by a reporter about a case that you are working on or have worked on?

Options:

A.

Refer the reporter to the attorney that retained you

B.

Say, "no comment"

C.

Answer all the reporter’s questions as completely as possible

D.

Answer only the questions that help your case

Question 80

A(n) _____________________ is one that's performed by a computer program rather than the attacker manually performing the steps in the attack sequence.

Options:

A.

blackout attack

B.

automated attack

C.

distributed attack

D.

central processing attack

Question 81

A suspect is accused of violating the acceptable use of computing resources, as he has visited adult websites and downloaded images. The investigator wants to demonstrate that the suspect did indeed visit these sites. However, the suspect has cleared the search history and emptied the cookie cache. Moreover, he has removed any images he might have downloaded. What can the investigator do to prove the violation?

Options:

A.

Image the disk and try to recover deleted files

B.

Seek the help of co-workers who are eye-witnesses

C.

Check the Windows registry for connection data (you may or may not recover)

D.

Approach the websites for evidence

Question 82

Terri works for a security consulting firm that is currently performing a penetration test on First National Bank in Tokyo. Terri's duties include bypassing firewalls and switches to gain access to the network. Terri sends an IP packet to one of the company's switches with ACK bit and the source address of her machine set. What is Terri trying to accomplish by sending this IP packet?

Options:

A.

Trick the switch into thinking it already has a session with Terri's computer

B.

Poison the switch's MAC address table by flooding it with ACK bits

C.

Crash the switch with a DoS attack since switches cannot send ACK bits

D.

Enable tunneling feature on the switch

Question 83

You have completed a forensic investigation case. You would like to destroy the data contained in various disks at the forensics lab due to sensitivity of the case. How would you permanently erase the data on the hard disk?

Options:

A.

Throw the hard disk into the fire

B.

Run the powerful magnets over the hard disk

C.

Format the hard disk multiple times using a low level disk utility

D.

Overwrite the contents of the hard disk with Junk data

Question 84

James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?

Options:

A.

Smurf

B.

Trinoo

C.

Fraggle

D.

SYN flood

Question 85

Your company uses Cisco routers exclusively throughout the network. After securing the routers to the best of your knowledge, an outside security firm is brought in to assess the network security.

Although they found very few issues, they were able to enumerate the model, OS version, and capabilities for all your Cisco routers with very little effort. Which feature will you disable to eliminate the ability to enumerate this information on your Cisco routers?

Options:

A.

Border Gateway Protocol

B.

Cisco Discovery Protocol

C.

Broadcast System Protocol

D.

Simple Network Management Protocol

Question 86

One way to identify the presence of hidden partitions on a suspect's hard drive is to:

Options:

A.

Add up the total size of all known partitions and compare it to the total size of the hard drive

B.

Examine the FAT and identify hidden partitions by noting an H in the partition Type field

C.

Examine the LILO and note an H in the partition Type field

D.

It is not possible to have hidden partitions on a hard drive

Question 87

Corporate investigations are typically easier than public investigations because:

Options:

A.

the users have standard corporate equipment and software

B.

the investigator does not have to get a warrant

C.

the investigator has to get a warrant

D.

the users can load whatever they want on their machines

Question 88

You have been asked to investigate after a user has reported a threatening e-mail they have received from an external source. Which of the following are you most interested in when trying to trace the source of the message?

Options:

A.

The X509 Address

B.

The SMTP reply Address

C.

The E-mail Header

D.

The Host Domain Name

Page: 1 / 22
Total 589 questions