1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-Council Certified Computer Hacking Forensic Investigator (V10)

Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1006 Q&As
  • Last Updated
    :May 06, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-49V10 Questions & Answers

  • Question 571:

    When performing a forensics analysis, what device is used to prevent the system from recording data on an evidence disk?

    A. Write-blocker

    B. Protocol analyzer

    C. Firewall

    D. Disk editor

  • Question 572:

    What file is processed at the end of a Windows XP boot to initialize the logon dialog box?

    A. NTOSKRNL.EXE

    B. NTLDR

    C. LSASS.EXE

    D. NTDETECT.COM

  • Question 573:

    The following is a log file screenshot from a default installation of IIS 6.0.

    What time standard is used by IIS as seen in the screenshot?

    A. UTC

    B. GMT

    C. TAI

    D. UT

  • Question 574:

    If the partition size Is 4 GB, each cluster will be 32 K. Even If a file needs only 10 K, the entire 32 K will be allocated, resulting In 22 K of___________.

    A. Slack space

    B. Deleted space

    C. Cluster space

    D. Sector space

  • Question 575:

    Operating System logs are most beneficial for Identifying or Investigating suspicious activities involving a particular host. Which of the following Operating System logs contains information about operational actions performed by OS components?

    A. Event logs

    B. Audit logs

    C. Firewall logs

    D. IDS logs

  • Question 576:

    The Recycle Bin exists as a metaphor for throwing files away, but it also allows user to retrieve and restore files. Once the file is moved to the recycle bin, a record is added to the log file that exists in the Recycle Bin.

    Which of the following files contains records that correspond to each deleted file in the Recycle Bin?

    A. INFO2 file

    B. INFO1 file

    C. LOGINFO2 file

    D. LOGINFO1 file

  • Question 577:

    Which of the following commands shows you the NetBIOS name table each?

    A. nbtstat -n

    B. nbtstat -c

    C. nbtstat -r

    D. nbtstat -s

  • Question 578:

    Quality of a raster Image is determined by the _________________and the amount of information in each pixel.

    A. Total number of pixels

    B. Image file format

    C. Compression method

    D. Image file size

  • Question 579:

    Ever-changing advancement or mobile devices increases the complexity of mobile device examinations. Which or the following is an appropriate action for the mobile forensic investigation?

    A. To avoid unwanted interaction with devices found on the scene, turn on any wireless interfaces such as Bluetooth and Wi-Fi radios

    B. Do not wear gloves while handling cell phone evidence to maintain integrity of physical evidence

    C. If the device's display is ON. the screen's contents should be photographed and, if necessary, recorded manually, capturing the time, service status, battery level, and other displayed icons

    D. If the phone is in a cradle or connected to a PC with a cable, then unplug the device from the computer

  • Question 580:

    Tracks numbering on a hard disk begins at 0 from the outer edge and moves towards the center, typically reaching a value of ___________.

    A. 1023

    B. 1020

    C. 1024

    D. 2023

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.