GCFA Exam Question 106

Allen works as a professional Computer Hacking Forensic Investigator. He has been assigned a project to investigate a computer that the suspect used to sexually harass the victim through an instant messenger program. The suspect's computer runs the Windows operating system. Allen wants to recover the password from the instant messenger program that the suspect is using, in order to collect evidence of the crime.
Allen is using Helix Live for this purpose. Which of the following utilities of Helix will he use to accomplish the task?
  • GCFA Exam Question 107

    Which of the following registry hives stores information about the file extensions that are mapped to their corresponding applications?
  • GCFA Exam Question 108

    John works as a Network Administrator for DigiNet Inc. He wants to investigate failed logon attempts to a network. He uses Log Parser to detail the failed logons over a specific time frame. He uses the following command and query to list all failed logons on a specific date:
    logparser.exe file:FailedLogons.sql -i:EVT -o:datagrid
    SELECT
    timegenerated AS LogonTime,
    extract_token(strings, 0, '|') AS UserName
    FROM Security
    WHERE EventID IN (529, 530, 531, 532, 533, 534, 535, 537, 539)
    AND to_string(timegenerated,'yyyy-MM-dd HH:mm:ss') like '2004-09%'
    After investigation, John concludes that two logon attempts were made by using an expired account.
    Which of the following EventIDs refers to this failed logon?
  • GCFA Exam Question 109

    John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He wants to test the effect of a virus on the We-are-secure server. He injects the virus on the server and, as a result, the server becomes infected with the virus even though an established antivirus program is installed on the server. Which of the following do you think are the reasons why the antivirus installed on the server did not detect the virus injected by John?
    Each correct answer represents a complete solution. Choose all that apply.
  • GCFA Exam Question 110

    The MBR of a hard disk is a collection of boot records that contain disk information such as disk architecture, cluster size, and so on. The main work of the MBR is to locate and run necessary operating system files that are required to run a hard disk. In the context of the operating system, MBR is also known as the boot loader. Which of the following viruses can infect the MBR of a hard disk?
    Each correct answer represents a complete solution. Choose two.