1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-COUNCIL 312-49V10 Online Practice Questions and Exam Preparation

312-49V10 Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1028 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-49V10 Online Questions & Answers

  • Question 311:

    Which of the following file formats allows the user to compress the acquired data as well as keep it randomly accessible?

    A. Proprietary Format
    B. Generic Forensic Zip (gfzip)
    C. Advanced Forensic Framework 4
    D. Advanced Forensics Format (AFF)

  • Question 312:

    Log management includes all the processes and techniques used to collect, aggregate, and analyze computer-generated log messages. It consists of the hardware, software, network and media used to generate, transmit, store, analyze, and dispose of log data.

    A. True
    B. False

  • Question 313:

    An executive has leaked the company trade secrets through an external drive. What process should the investigation team take if they could retrieve his system?

    A. Postmortem Analysis
    B. Real-Time Analysis
    C. Packet Analysis
    D. Malware Analysis

  • Question 314:

    If you see the files Zer0.tar.gz and copy.tar.gz on a Linux system while doing an investigation, what can you conclude?

    A. The system files have been copied by a remote attacker
    B. The system administrator has created an incremental backup
    C. The system has been compromised using a t0rn rootkit
    D. Nothing in particular as these can be operational files

  • Question 315:

    As a CHFI professional, which of the following is the most important to your professional reputation?

    A. Your Certifications
    B. The correct, successful management of each and every case
    C. The free that you charge
    D. The friendship of local law enforcement officers

  • Question 316:

    A Computer Hacking Forensics Investigator (CHFI) has been asked to retrieve specific email files from a large RAID server after a data breach. Additionally, fragments of unallocated (deleted) data are also required. However, there is a severe constraint on time and resources.

    Considering these requirements, which type of data acquisition should the investigator primarily focus on?

    A. Logical acquisition
    B. Bit-stream disk-to-disk
    C. Sparse acquisition
    D. Bit-stream disk-to-image-file

  • Question 317:

    You are a computer forensics investigator working with local police department and you are called to assist in an investigation of threatening emails. The complainant has printed out 27 email messages from the suspect and gives the printouts to you. You inform her that you will need to examine her computer because you need access to the _________________________ in order to track the emails back to the suspect.

    A. Routing Table
    B. Firewall log
    C. Configuration files
    D. Email Header

  • Question 318:

    Which of the following statements is true with respect to SSDs (solid-state drives)?

    A. Like HDDs, SSDs also have moving parts
    B. SSDs contain tracks, clusters, and sectors to store data
    C. Faster data access, lower power usage, and higher reliability are some of the major advantages of SSDs over HDDs
    D. SSDs cannot store non-volatile data

  • Question 319:

    What is the primary function of the tool CHKDSK in Windows that authenticates the file system reliability of a volume?

    A. Repairs logical file system errors
    B. Check the disk for hardware errors
    C. Check the disk for connectivity errors
    D. Check the disk for Slack Space

  • Question 320:

    What are the security risks of running a "repair" installation for Windows XP?

    A. Pressing Shift+F1 gives the user administrative rights
    B. Pressing Ctrl+F10 gives the user administrative rights
    C. There are no security risks when running the "repair" installation for Windows XP
    D. Pressing Shift+F10 gives the user administrative rights

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.