312-49V9 Exam Details
-
Exam Code
:312-49V9 -
Exam Name
:EC-Council Certified Computer Hacking Forensic Investigator (V9) -
Certification
:EC-COUNCIL Certifications -
Vendor
:EC-COUNCIL -
Total Questions
:486 Q&As -
Last Updated
:May 26, 2026
EC-COUNCIL 312-49V9 Online Questions & Answers
-
Question 231:
You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web
security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities:
When you type this and click on search, you receive a pop-up window that says:
"This is a test." What is the result of this test?
A. Your website is vulnerable to SQL injection
B. Your website is vulnerable to CSS
C. Your website is vulnerable to web bugs
D. Your website is not vulnerable -
Question 232:
When an investigator contacts by telephone the domain administrator or controller listed by a whois lookup to request all e-mails sent and received for a user account be preserved, what U.S.C. statute authorizes this phone call and obligates the ISP to preserve e-mail records?
A. Title 18, Section 1030
B. Title 18, Section 2703(d)
C. Title 18, Section Chapter 90
D. Title 18, Section 2703(f) -
Question 233:
Jessica works as systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Jessica going to perform?
A. ICMP ping sweep
B. Ping trace
C. Tracert
D. Smurf scan -
Question 234:
Physical security recommendations: There should be only one entrance to a forensics lab
A. True
B. False -
Question 235:
Identify the attack from following sequence of actions? Step 1: A user logs in to a trusted site and creates a new session Step 2: The trusted site stores a session identifier for the session in a cookie in the web browser Step 3: The user is tricked to visit a malicious site Step 4: the malicious site sends a request from the user's browser using his session cookie
A. Web Application Denial-of-Service (DoS) Attack
B. Cross-Site Scripting (XSS) Attacks
C. Cross-Site Request Forgery (CSRF) Attack
D. Hidden Field Manipulation Attack -
Question 236:
A computer forensics investigator is inspecting the firewall logs for a large financial institution that has employees working 24 hours a day, 7 days a week.
What can the investigator infer from the screenshot seen below?
A. A smurf attack has been attempted
B. A denial of service has been attempted
C. Network intrusion has occurred
D. Buffer overflow attempt on the firewall. -
Question 237:
What is the name of the standard Linux command that can be used to create bit-stream images?
A. mcopy
B. image
C. MD5
D. dd -
Question 238:
What must an investigator do before disconnecting an iPod from any type of computer?
A. Unmount the iPod
B. Mount the iPod
C. Disjoin the iPod
D. Join the iPod -
Question 239:
According to US federal rules, to present a testimony in a court of law, an expert witness needs to furnish certain information to prove his eligibility. Jason, a qualified computer forensic expert who has started practicing two years back, was denied an expert testimony in a computer crime case by the US Court of Appeals for the Fourth Circuit in Richmond, Virginia. Considering the US federal rules, what could be the most appropriate reason for the court to reject Jason's eligibility as an expert witness?
A. Jason was unable to furnish documents showing four years of previous experience in the field
B. Being a computer forensic expert, Jason is not eligible to present testimony in a computer crime case
C. Jason was unable to furnish documents to prove that he is a computer forensic expert
D. Jason was not aware of legal issues involved with computer crimes -
Question 240:
Graphics Interchange Format (GIF) is a ___________RGB bitmap Image format for Images with up to 256 distinct colors per frame.
A. 8-bit
B. 16-bit
C. 24-bit
D. 32-bit
Related Exams:
-
112-51
EC-Council Certified Network Defense Essentials (NDE) -
212-055
Sun Certified Programmer for the Java 2 Platform.SE 5.0 -
212-77
EC-Council Certified Linux Security -
212-81
EC-Council Certified Encryption Specialist (ECES) -
212-82
EC-Council Certified Cybersecurity Technician (C|CT) -
212-89
EC Council Certified Incident Handler (ECIH v3) -
312-38
EC-Council Certified Network Defender (CND) -
312-39
EC-Council Certified SOC Analyst (CSA) -
312-40
EC-Council Certified Cloud Security Engineer (CCSE) -
312-49
ECCouncil Computer Hacking Forensic Investigator (V9)
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V9 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.