1. Home
  2. EC-COUNCIL
  3. 312-49V9

EC-COUNCIL 312-49V9 Online Practice Questions and Exam Preparation

312-49V9 Exam Details

  • Exam Code
    :312-49V9
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V9)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :486 Q&As
  • Last Updated
    :May 26, 2026

EC-COUNCIL 312-49V9 Online Questions & Answers

  • Question 321:

    Depending upon the Jurisdictional areas, different laws apply to different incidents. Which of the following law is related to fraud and related activity in connection with computers?

    A. 18 USC 7029
    B. 18 USC 7030
    C. 18 USC 7361
    D. 18 USC 7371

  • Question 322:

    Julia is a senior security analyst for Berber Consulting group. She is currently working on a contract for a small accounting firm in Florida. They have given her permission to perform social engineering attacks on the company to see if their in-house training did any good. Julia calls the main number for the accounting firm and talks to the receptionist. Julia says that she is an IT technician from the company's main office in Iowa. She states that she needs the receptionist's network username and password to troubleshoot a problem they are having. Julia says that Bill Hammond, the CEO of the company, reQuested this information. After hearing the name of the CEO, the receptionist gave Julia all the information she asked for. What principal of social engineering did Julia use?

    A. Social Validation
    B. Friendship/Liking
    C. Reciprocation
    D. Scarcity

  • Question 323:

    What is the target host IP in the following command? C:\> firewalk -F 80 10.10.150.1 172.16.28.95 -p UDP

    A. 10.10.150.1
    B. This command is using FIN packets, which cannot scan target hosts
    C. Firewalk does not scan target hosts
    D. 172.16.28.95

  • Question 324:

    Which of the following email headers specifies an address for mailer-generated errors, like "no such user" bounce messages, to go to (instead of the sender's address)?

    A. Errors-To header
    B. Content-Transfer-Encoding header
    C. Mime-Version header
    D. Content-Type header

  • Question 325:

    Melanie was newly assigned to an investigation and asked to make a copy of all the evidence from the compromised system. Melanie did a DOS copy of all the files on the system. What would be the primary reason for you to recommend a disk imaging tool?

    A. A disk imaging tool would check for CRC32s for internal self checking and validation and have MD5 checksum
    B. Evidence file format will contain case data entered by the examiner and encrypted at the beginning of the evidence file
    C. A simple DOS copy will not include deleted files, file slack and other information
    D. There is no case for an imaging tool as it will use a closed, proprietary format that if compared to the original will not match up sector for sector

  • Question 326:

    Computer forensics report provides detailed information on complete computer forensics investigation process. It should explain how the incident occurred, provide technical details of the incident and should be clear to understand. Which of the following attributes of a forensics report can render it inadmissible in a court of law?

    A. It includes metadata about the incident
    B. It includes relevant extracts referred to In the report that support analysis or conclusions
    C. It is based on logical assumptions about the incident timeline
    D. It maintains a single document style throughout the text

  • Question 327:

    Corporate investigations are typically easier than public investigations because:

    A. the users have standard corporate equipment and software
    B. the investigator does not have to get a warrant
    C. the investigator has to get a warrant
    D. the users can load whatever they want on their machines

  • Question 328:

    You can interact with the Registry through intermediate programs. Graphical user interface (GUI) Registry editors such as Regedit.exe or Regedt32 exe are commonly used as intermediate programs in Windows 7. Which of the following is a root folder of the registry editor?

    A. HKEY_USERS
    B. HKEY_LOCAL_ADMIN
    C. HKEY_CLASSES_ADMIN
    D. HKEY_CLASSES_SYSTEM

  • Question 329:

    What is the first step taken in an investigation for laboratory forensic staff members?

    A. Packaging the electronic evidence
    B. Securing and evaluating the electronic crime scene
    C. Conducting preliminary interviews
    D. Transporting the electronic evidence

  • Question 330:

    Harold is finishing up a report on a case of network intrusion, corporate spying, and embezzlement that he has been working on for over six months. He is trying to find the right term to use in his report to describe network-enabled spying. What term should Harold use?

    A. Spycrack
    B. Spynet
    C. Netspionage
    D. Hackspionage

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V9 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.