1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-COUNCIL 312-49V10 Online Practice Questions and Exam Preparation

312-49V10 Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1028 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-49V10 Online Questions & Answers

  • Question 681:

    Adam is thinking of establishing a hospital in the US and approaches John, a software developer to build a site and host it for him on one of the servers, which would be used to store patient health records. He has learned from his legal advisors that he needs to have the server's log data reviewed and managed according to certain standards and regulations.

    Which of the following regulations are the legal advisors referring to?

    A. Health Insurance Portability and Accountability Act of 1996 (HIPAA)
    B. Payment Card Industry Data Security Standard (PCI DSS)
    C. Data Protection Act of 2018
    D. Electronic Communications Privacy Act

  • Question 682:

    Which of the following files DOES NOT use Object Linking and Embedding (OLE) technology to embed and link to other objects?

    A. Portable Document Format
    B. MS-office Word Document
    C. MS-office Word OneNote
    D. MS-office Word PowerPoint

  • Question 683:

    Randy has extracted data from an old version of a Windows-based system and discovered info file Dc5. txt in the system recycle bin. What does the file name denote?

    A. A text file deleted from C drive in sixth sequential order
    B. A text file deleted from C drive in fifth sequential order
    C. A text file copied from D drive to C drive in fifth sequential order
    D. A text file copied from C drive to D drive in fifth sequential order

  • Question 684:

    You are called by an author who is writing a book and he wants to know how long the copyright for his book will last after he has the book published?

    A. 70 years
    B. The life of the author
    C. The life of the author plus 70 years
    D. Copyrights last forever

  • Question 685:

    Cylie is investigating a network breach at a state organization in Florida. She discovers that the intruders were able to gain access into the company firewalls by overloading them with IP packets. Cylie then discovers through her investigation that the intruders hacked into the company phone system and used the hard drives on their PBX system to store shared music files.

    What would this attack on the company PBX system be called?

    A. Phreaking
    B. Squatting
    C. Crunching
    D. Pretexting

  • Question 686:

    An investigator is studying a suspicious Windows service discovered on a corporate system that seems to be associated with malware. Theservice has a name similar to a genuine Windows service, runs as a SYSTEM account, and exhibits potentially harmful behavior.

    Which tool and method should the investigator use to study the service's behavior without allowing it to inflict more damage?

    A. Deploy Autoruns for Windows to check if the suspicious service is configured to run at system bootup
    B. Inspect the startup folder for the presence of the suspicious service using command prompt commands
    C. Use SrvMan to stop the suspicious service and analyze its impact on the system
    D. Utilize the Windows Service Manager to create an identical service and study its behavior

  • Question 687:

    NTFS sets a flag for the file once you encrypt it and creates an EFS attribute where it stores Data Decryption Field (DDF) and Data Recovery Field (DDR). Which of the following is not a part of DDF?

    A. Encrypted FEK
    B. Checksum
    C. EFS Certificate Hash
    D. Container Name

  • Question 688:

    What will the following URL produce in an unpatched IIS Web Server? http://www.thetargetsite.com/scripts/..% co%af../..%co%af../windows/system32/cmd.exe?/c+dir+c:\

    A. Directory listing of C: drive on the web server
    B. Execute a buffer flow in the C: drive of the web server
    C. Directory listing of the C:\windows\system32 folder on the web server
    D. Insert a Trojan horse into the C: drive of the web server

  • Question 689:

    You are the incident response manager at a regional bank. While performing routine auditing of web application logs, you find several attempted login submissions that contain the following strings:

    < SCRIPT type="text/javascript" >

    var adr = '../evil.php?cakemonster=' + escape(document.cookie);

    < /SCRIPT >

    What kind of attack has occurred?

    A. Cross-site scripting
    B. Cross-site request forgery
    C. Buffer overflow
    D. SQL injection

  • Question 690:

    James, a forensics specialist, was tasked with investigating a Windows XP machine that was used for malicious online activities. During the investigation, he recovered certain deleted files from Recycle Bin to identify attack clues. Identify the location of Recycle Bin in Windows XP system.

    A. local/share/Trash
    B. Drive:\RECYCLER\
    C. Drive:\RECYCLED
    D. Drive:\$Recycle.Bin\

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.