1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-COUNCIL 312-49V10 Online Practice Questions and Exam Preparation

312-49V10 Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1028 Q&As
  • Last Updated
    :May 31, 2026

EC-COUNCIL 312-49V10 Online Questions & Answers

  • Question 961:

    A packet is sent to a router that does not have the packet destination address in its route table. How will the packet get to its proper destination?

    A. Border Gateway Protocol
    B. Root Internet servers
    C. Gateway of last resort
    D. Reverse DNS

  • Question 962:

    Chris has been called upon to investigate a hacking incident reported by one of his clients. The company suspects the involvement of an insider accomplice in the attack. Upon reaching the incident scene, Chris secures the physical area, records the scene using visual media. He shuts the system down by pulling the power plug so that he does not disturb the system in any way. He labels all cables and connectors prior to disconnecting any. What do you think would be the next sequence of events?

    A. Connect the target media; prepare the system for acquisition; Secure the evidence; Copy the media
    B. Prepare the system for acquisition; Connect the target media; copy the media; Secure the evidence
    C. Connect the target media; Prepare the system for acquisition; Secure the evidence; Copy the media
    D. Secure the evidence; prepare the system for acquisition; Connect the target media; Copy the media

  • Question 963:

    As a Computer Hacking Forensics Investigator, you are tasked with tracing a series of illegal transactions believed to originate from the dark web. You know the transactions were made using Tor, a browser providing anonymity. However, in an authoritarian country where the usage of the Tor network is restricted, the suspect is believed to be using an undisclosed Tor network feature to bypass these restrictions.

    What feature is likely being used in this scenario?

    A. Exit Relay
    B. Entry/Guard Relay
    C. Tor Bridge Node
    D. Middle Relay

  • Question 964:

    System software password cracking is defined as cracking the operating system and all other utilities that enable a computer to function

    A. True
    B. False

  • Question 965:

    During a recent network intrusion investigation, a CHFI received logs from Juniper IDS, Check Point IPS, and a Kippo Honeypot. Which log providesinformation about the network traffic and bandwidth adjustment, aiding in business risk valuation?

    A. Kippo Honeypot
    B. Juniper IDS
    C. None of the above
    D. Check Point IPS

  • Question 966:

    What is the purpose of using Obfuscator in malware?

    A. Execute malicious code in the system
    B. Avoid encryption while passing through a VPN
    C. Avoid detection by security mechanisms
    D. Propagate malware to other connected devices

  • Question 967:

    Ronald, a forensic investigator, has been hired by a financial services organization to investigate an attack on their MySQL database server, which is hosted on a Windows machine named WIN-DTRAI83202X. Ronald wants to retrieve information on the changes that have been made to the database.

    Which of the following files should Ronald examine for this task?

    A. WIN-DTRAI83202X-bin.nnnnnn
    B. WIN-DTRAI83202Xslow.log
    C. relay-log.info
    D. WIN-DTRAI83202Xrelay-bin.index

  • Question 968:

    A forensic examiner is examining a Windows system seized from a crime scene. During the examination of a suspect file, he discovered that the file is password protected. He tried guessing the password using the suspect's available information but without any success.

    Which of the following tool can help the investigator to solve this issue?

    A. Cain and Abel
    B. Xplico
    C. Recuva
    D. Colasoft's Capsa

  • Question 969:

    Davidson Trucking is a small transportation company that has three local offices in Detroit Michigan. Ten female employees that work for the company have gone to an attorney reporting that male employees repeatedly harassed them and that management did nothing to stop the problem. Davidson has employee policies that outline all company guidelines, including awareness on harassment and how it will not be tolerated.

    When the case is brought to court, whom should the prosecuting attorney call upon for not upholding company policy?

    A. IT personnel
    B. Employees themselves
    C. Supervisors
    D. Administrative assistant in charge of writing policies

  • Question 970:

    A large corporation has recently undergone a cyberattack. The forensic analyst finds suspicious activities in the Windows Event logs during the investigation. The analyst notes that a specific service on the machine has been frequently starting and stopping during the time of the attack.

    What event IDs should the analyst look for in the System log to confirm this suspicious behavior?

    A. Event ID 7035 and Event ID 7036
    B. Event ID 1 and Event ID 7035
    C. Event ID 7031 and Event ID 7032
    D. Event ID 7036 and Event ID 7037

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.