1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-COUNCIL 312-49V10 Online Practice Questions and Exam Preparation

312-49V10 Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1028 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-49V10 Online Questions & Answers

  • Question 851:

    To understand the impact of a malicious program after the booting process and to collect recent information from the disk partition, an investigator should evaluate the content of the:

    A. GRUB
    B. UEFI
    C. MBR
    D. BIOS

  • Question 852:

    Wireless access control attacks aim to penetrate a network by evading WLAN access control measures, such as AP MAC filters and Wi-Fi port access controls.

    Which of the following wireless access control attacks allows the attacker to set up a rogue access point outside the corporate perimeter, and then lure the employees of the organization to connect to it?

    A. War driving
    B. Rogue access points
    C. MAC spoofing
    D. Client mis-association

  • Question 853:

    During an intense cybercrime investigation, an inexperienced first responder mistakenly mishandled a piece of digital evidence. It was later discovered that the chain of custody was also incomplete. If not properly documented, which of the following details would make the chain of custody deficient?

    A. The exact number of photos taken at the crime scene
    B. The color of the digital device from which the evidence was extracted
    C. The manufacturing company of the device from which evidence was extracted
    D. The reason and process for obtaining the evidence

  • Question 854:

    What feature of Decryption Collection allows an investigator to crack a password as quickly as possible?

    A. Cracks every password in 10 minutes
    B. Distribute processing over 16 or fewer computers
    C. Support for Encrypted File System
    D. Support for MD5 hash verification

  • Question 855:

    Which of the following is NOT a part of pre-investigation phase?

    A. Building forensics workstation
    B. Gathering information about the incident
    C. Gathering evidence data
    D. Creating an investigation team

  • Question 856:

    The Electronic Serial Number (ESN) is a unique __________ recorded on a secure chip in a mobile phone by the manufacturer.

    A. 16-bit identifier
    B. 24-bit identifier
    C. 32-bit identifier
    D. 64-bit identifier

  • Question 857:

    In an email crime investigation, the forensic investigator analyses a computer using the Microsoft Outlook application. The investigator knows that Outlook stores email data in both .pst and .ost file formats. They want to focus on the files that hold the email data even when there is no internet connection.

    Which files should the investigator target for a deeper analysis?

    A. Offline Storage Table (.ost) files located at C:\Users\%USERNAME%\AppData\Local\Microsoft\Outlook
    B. Email data located within Mozilla Thunderbird and Apple Mail email clients
    C. Archived email files in .pst format located via File --> Options --> Advanced --> AutoArchive Settings
    D. Personal Storage Table (.pst) files located at C:\Users\%USERNAME%\Documents\Outlook Files

  • Question 858:

    When making the preliminary investigations in a sexual harassment case, how many investigators are you recommended having?

    A. One
    B. Two
    C. Three
    D. Four

  • Question 859:

    During a digital forensics investigation, you discovered an SQL injection attack that occurred on a MySQL database using the MyISAM storage engine. You found the '.MYD' and '.MYI' files for the attacked table in the MySQL data directory. You also identified the type of SQL injection attackas a UNION-based attack.

    Which of the following steps would be the most effective in your investigation?

    A. Analyzing the MySQL error log (HOSTNAME.err) for irregularities
    B. Checking the '.MYD' le to nd evidence of the attack in the table data
    C. Investigating the '.MYI' file to inspect the index of the attacked table
    D. Inspecting the Binary log (HOSTNAME-bin.nnnnnn) for unusual transactions

  • Question 860:

    What is a SCSI (Small Computer System Interface)?

    A. A set of ANSI standard electronic interfaces that allow personal computers to communicate with peripheral hardware such as disk drives, tape drives. CD-ROM drives, printers, and scanners
    B. A standard electronic interface used between a computer motherboard's data paths or bus and the computer's disk storage devices
    C. A "plug-and-play" interface, which allows a device to be added without an adapter card and without rebooting the computer
    D. A point-to-point serial bi-directional interface for transmitting data between computer devices at data rates of up to 4 Gbps

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.