Exam Details

  • Exam Code: 312-49
  • Exam Name: ECCouncil Computer Hacking Forensic Investigator (V9)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 531 Q&As
  • Last Updated: May 05, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-49 Questions & Answers

  • Question 221:

    Which of the following tools captures and allows you to interactively browse the traffic on a network?

    A. Security Task Manager

    B. Wireshark

    C. ThumbsDisplay

    D. RegScanner

  • Question 222:

    Which of the following standards represents a legal precedent set in 1993 by the Supreme Court of the United States regarding the admissibility of expert witnesses' testimony during federal legal proceedings?

    A. IOCE

    B. SWGDE and SWGIT

    C. Frye

    D. Daubert

  • Question 223:

    Which US law does the interstate or international transportation and receiving of child pornography fall under?

    A. - 8. U.S.C. 1466A

    B. - 8. U.S.C 252

    C. - 8. U.S.C 146A

    D. - 8. U.S.C 2252

  • Question 224:

    Which network attack is described by the following statement?

    "At least five Russian major banks came under a continuous hacker attack, although online client services were not disrupted. The attack came from a wide-scale botnet involving at least 24,000 computers, located in 30 countries."

    A. DDoS

    B. Sniffer Attack

    C. Buffer Overflow

    D. Man-in-the-Middle Attack

  • Question 225:

    Which of the following is a list of recently used programs or opened files?

    A. Most Recently Used (MRU)

    B. Recently Used Programs (RUP)

    C. Master File Table (MFT)

    D. GUID Partition Table (GPT)

  • Question 226:

    Which of the following tasks DOES NOT come under the investigation phase of a cybercrime forensics investigation case?

    A. Data collection

    B. Secure the evidence

    C. First response

    D. Data analysis

  • Question 227:

    Which of the following files contains the traces of the applications installed, run, or uninstalled from a system?

    A. Shortcut Files

    B. Virtual files

    C. Prefetch Files

    D. Image Files

  • Question 228:

    Which password cracking technique uses details such as length of password, character sets used to construct the password, etc.?

    A. Dictionary attack

    B. Brute force attack

    C. Rule-based attack

    D. Man in the middle attack

  • Question 229:

    What type of attack sends spoofed UDP packets (instead of ping packets) with a fake source address to the IP broadcast address of a large network?

    A. Fraggle

    B. Smurf scan

    C. SYN flood

    D. Teardrop

  • Question 230:

    When reviewing web logs, you see an entry for "resource not found" in the HTTP status code field. What is the actual error code that you would see in the log for "resource not found"?

    A. 202

    B. 404

    C. 606

    D. 999
