1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-COUNCIL 312-49V10 Online Practice Questions and Exam Preparation

312-49V10 Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1028 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-49V10 Online Questions & Answers

  • Question 911:

    You are employed directly by an attorney to help investigate an alleged sexual harassment case at a large pharmaceutical manufacturer. While at the corporate office of the company, the CEO demands to know the status of the investigation. What prevents you from discussing the case with the CEO?

    A. The attorney-work-product rule
    B. Good manners
    C. Trade secrets
    D. ISO 17799

  • Question 912:

    James, a hacker, identifies a vulnerability in a website. To exploit the vulnerability, he visits the login page and notes down the session ID that is created. He appends this session ID to the login URL and shares the link with a victim. Once the victim logs into the website using the shared URL, James reloads the webpage (containing the URL with the session ID appended) and now, he can browse the active session of the victim.

    Which attack did James successfully execute?

    A. Cross Site Request Forgery
    B. Cookie Tampering
    C. Parameter Tampering
    D. Session Fixation Attack

  • Question 913:

    A master boot record (MBR) is the first sector ("sector zero") of a data storage device. What is the size of MBR?

    A. Depends on the capacity of the storage device
    B. 1048 Bytes
    C. 4092 Bytes
    D. 512 Bytes

  • Question 914:

    There's a digital forensics investigator delving into a case right now. The situation involves an SQL Server database that's been tampered with by an intruder. Some data from the database has vanished, and the real kicker is that there aren't

    any backup files to be found.

    The investigator's task is to recover as much data as possible. The investigator needs to understand which SQL Server data file will most likely assist in the data recovery.

    What should be the investigator's primary focus?

    A. Page Header because it contains metadata about the page like page ID, page type
    B. LDF because it holds the log information associated with the database
    C. MDF because it stores all data in the database objects
    D. NDF because it can store additional data separate from the primary data file

  • Question 915:

    The use of warning banners helps a company avoid litigation by overcoming an employee assumed __________________________. When connecting to the company's intranet, network or Virtual Private Network(VPN) and will allow the company's investigators to monitor, search and retrieve information stored within the network.

    A. Right to work
    B. Right of free speech
    C. Right to Internet access
    D. Right of privacy

  • Question 916:

    SMTP (Simple Mail Transfer protocol) receives outgoing mail from clients and validates source and destination addresses, and also sends and receives emails to and from other SMTP servers.

    A. True
    B. False

  • Question 917:

    Jason, a renowned forensic investigator, is investigating a network attack that resulted in the compromise of several systems in a reputed multinational's network. He started Wireshark to capture the network traffic. Upon investigation, he found that the DNS packets travelling across the network belonged to a non-company configured IP.

    Which of the following attack Jason can infer from his findings?

    A. DNS Poisoning
    B. Cookie Poisoning Attack
    C. DNS Redirection
    D. Session poisoning

  • Question 918:

    Which of the following tool creates a bit-by-bit image of an evidence media?

    A. Recuva
    B. FileMerlin
    C. AccessData FTK Imager
    D. Xplico

  • Question 919:

    Syslog is a client/server protocol standard for forwarding log messages across an IP network. Syslog uses ___________to transfer log messages in a clear text format.

    A. TCP
    B. FTP
    C. SMTP
    D. POP

  • Question 920:

    Data is striped at a byte level across multiple drives, and parity information is distributed among all member drives.

    What RAID level is represented here?

    A. RAID Level 0
    B. RAID Level 5
    C. RAID Level 3
    D. RAID Level 1

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.