1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-COUNCIL 312-49V10 Online Practice Questions and Exam Preparation

312-49V10 Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1028 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-49V10 Online Questions & Answers

  • Question 581:

    In Steganalysis, which of the following describes a Known-stego attack?

    A. The hidden message and the corresponding stego-image are known
    B. During the communication process, active attackers can change cover
    C. Original and stego-object are available and the steganography algorithm is known
    D. Only the steganography medium is available for analysis

  • Question 582:

    You setup SNMP in multiple offices of your company. Your SNMP software manager is not receiving data from other offices like it is for your main office. You suspect that firewall changes are to blame. What ports should you open for SNMP to work through Firewalls? (Choose two)

    A. 161
    B. 162
    C. 163
    D. 160

  • Question 583:

    As a security analyst, you setup a false survey website that will require users to create a username and a strong password. You send the link to all the employees of the company. What information will you be able to gather?

    A. The IP address of the employees
    B. Bank account numbers and the corresponding routing numbers
    C. The employees network usernames and passwords
    D. The MAC address of the employees

  • Question 584:

    What binary coding is used most often for e-mail purposes?

    A. SMTP
    B. Uuencode
    C. IMAP
    D. MIME

  • Question 585:

    Which of the following is a non-zero data that an application allocates on a hard disk cluster in systems running on Windows OS?

    A. Sparse File
    B. Master File Table
    C. Meta Block Group
    D. Slack Space

  • Question 586:

    Which of these rootkit detection techniques function by comparing a snapshot of the file system, boot records, or memory with a known and trusted baseline?

    A. Signature-Based Detection
    B. Integrity-Based Detection
    C. Cross View-Based Detection
    D. Heuristic/Behavior-Based Detection

  • Question 587:

    A considerable data breach has struck a global company, leading to the unfortunate loss of confidential data. The corporation's Cybersecurity unit now faces the task of conducting a deep-dive investigation into this incident. Their findings suggest that advanced hacking tools were utilized in the breach, with the attack seemingly initiated from inside the organization itself.

    Based on this information which statement best describes the type of cybercrime and the potential challenge in this forensic investigation?

    A. Cybercrime can be categorized as an external attack, and the primary challenge will be identifying the source of the sophisticated hacking tools
    B. Cybercrime can be categorized as an internal attack, and a potential challenge will be proving the insider's intent since the attack tools were advanced
    C. Cybercrime can be categorized as an internal attack, and the major challenge will be the probable damage to the physical infrastructure
    D. Cybercrime can be categorized as an external attack, and the primary challenge will be tracing the IP addresses of the attacker

  • Question 588:

    An attorney requests a Computer Hacking Forensics Investigator to check for Dropbox installation on a suspect's hard drive, suspected to contain stolen intellectual property. Given the complexity of the investigation, which of the following steps should be the investigator's primary approach?

    A. The investigator should skip hypothesis formulation and move directly to an experimental design
    B. The investigator should use multiple open-source tools regardless of their market value to start the investigation immediately
    C. The investigator should immediately begin the search for Dropbox installation artifacts without considering the Operating System (OS)
    D. The investigator should formulate a hypothesis considering the Operating System (OS) and the probable Dropbox installation artifacts location in directories: C:\Users\Admin\AppData\Roaming\ or C:\Program Files (x86) or C:\Program Files D

  • Question 589:

    Which of the following is not a part of the technical specification of the laboratory-based imaging system?

    A. High performance workstation PC
    B. Remote preview and imaging pod
    C. Anti-repudiation techniques
    D. very low image capture rate

  • Question 590:

    Bill is the accounting manager for Grummon and Sons LLC in Chicago. On a regular basis, he needs to send PDF documents containing sensitive information through E-mail to his customers. Bill protects the PDF documents with a password and sends them to their intended recipients.

    Why PDF passwords do not offer maximum protection?

    A. PDF passwords are converted to clear text when sent through E-mail
    B. PDF passwords are not considered safe by Sarbanes-Oxley
    C. When sent through E-mail, PDF passwords are stripped from the document completely
    D. PDF passwords can easily be cracked by software brute force tools

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.