1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-Council Certified Computer Hacking Forensic Investigator (V10)

Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1006 Q&As
  • Last Updated
    :May 06, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-49V10 Questions & Answers

  • Question 501:

    Under confession, an accused criminal admitted to encrypting child pornography pictures and then hiding them within other pictures. What technique did the accused criminal employ?

    A. Typography

    B. Steganalysis

    C. Picture encoding

    D. Steganography

  • Question 502:

    Paraben Lockdown device uses which operating system to write hard drive data?Paraben? Lockdown device uses which operating system to write hard drive data?

    A. Mac OS

    B. Red Hat

    C. Unix

    D. Windows

  • Question 503:

    Which is a standard procedure to perform during all computer forensics investigations?

    A. With the hard drive in the suspect PC, check the date and time in the system CMOSWith the hard drive in the suspect PC, check the date and time in the system? CMOS

    B. With the hard drive removed from the suspect PC, check the date and time in the system CMOSWith the hard drive removed from the suspect PC, check the date and time in the system? CMOS

    C. With the hard drive in the suspect PC, check the date and time in the File Allocation Table

    D. With the hard drive removed from the suspect PC, check the date and time in the system RAMWith the hard drive removed from the suspect PC, check the date and time in the system? RAM

  • Question 504:

    A small law firm located in the Midwest has possibly been breached by a computer hacker looking to obtain information on their clientele. The law firm does not have any on-site IT employees, but wants to search for evidence of the breach themselves to prevent any possible media attention. Why would this not be recommended?

    A. Searching for evidence themselves would not have any ill effects

    B. Searching could possibly crash the machine or device

    C. Searching creates cache files, which would hinder the investigation

    D. Searching can change date/time stamps

  • Question 505:

    Travis, a computer forensics investigator, is finishing up a case he has been working on for over a month involving copyright infringement and embezzlement. His last task is to prepare an investigative report for the president of the company he has been working for. Travis must submit a hard copy and an electronic copy to this president. In what electronic format should Travis send this report?

    A. TIFF-8

    B. DOC

    C. WPD

    D. PDF

  • Question 506:

    A forensics investigator is searching the hard drive of a computer for files that were recently moved to the Recycle Bin. He searches for files in C:\RECYCLED using a command line tool but does not find anything. What is the reason for this?

    A. He should search in C:\Windows\System32\RECYCLED folder

    B. The Recycle Bin does not exist on the hard drive

    C. The files are hidden and he must use switch to view themThe files are hidden and he must use ? switch to view them

    D. Only FAT system contains RECYCLED folder and not NTFS

  • Question 507:

    What hashing method is used to password protect Blackberry devices?

    A. AES

    B. RC5

    C. MD5

    D. SHA-1

  • Question 508:

    With regard to using an antivirus scanner during a computer forensics investigation, you should:

    A. Scan the suspect hard drive before beginning an investigation

    B. Never run a scan on your forensics workstation because it could change your system configurationNever run a scan on your forensics workstation because it could change your system? configuration

    C. Scan your forensics workstation at intervals of no more than once every five minutes during an investigation

    D. Scan your forensics workstation before beginning an investigation

  • Question 509:

    When examining a file with a Hex Editor, what space does the file header occupy?

    A. The first several bytes of the file

    B. One byte at the beginning of the file

    C. None, file headers are contained in the FAT

    D. The last several bytes of the file

  • Question 510:

    What technique is used by JPEGs for compression?

    A. ZIP

    B. TCD

    C. DCT

    D. TIFF-8

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.