312-49V9 Exam Details
-
Exam Code
:312-49V9 -
Exam Name
:EC-Council Certified Computer Hacking Forensic Investigator (V9) -
Certification
:EC-COUNCIL Certifications -
Vendor
:EC-COUNCIL -
Total Questions
:486 Q&As -
Last Updated
:May 26, 2026
EC-COUNCIL 312-49V9 Online Questions & Answers
-
Question 401:
In the following directory listing,
which file should be used to restore archived email messages for someone using Microsoft Outlook?
A. Outlook bak
B. Outlook ost
C. Outlook NK2
D. Outlook pst -
Question 402:
You are working as an investigator for a corporation and you have just received instructions from your manager to assist in the collection of 15 hard drives that are part of an ongoing investigation. Your job is to complete the required evidence custody forms to properly document each piece of evidence as other members of your team collect it. Your manager instructs you to complete one multi-evidence form for the entire case and a single-evidence form for each hard drive. How will these forms be stored to help preserve the chain of custody of the case?
A. All forms should be placed in an approved secure container because they are now primary evidence in the case
B. The multi-evidence form should be placed in an approved secure container with the hard drives and the single-evidence forms should be placed in the report file
C. All forms should be placed in the report file because they are now primary evidence in the case
D. The multi-evidence form should be placed in the report file and the single-evidence forms should be kept with each hard drive in an approved secure container -
Question 403:
Which of the following standard is based on a legal precedent regarding the admissibility of scientific examinations or experiments in legal cases?
A. Daubert Standard
B. Schneiderman Standard
C. Frye Standard
D. FERPA standard -
Question 404:
Which program is the oot loader?when Windows XP starts up?Which program is the ?oot loader?when Windows XP starts up?
A. KERNEL.EXE
B. NTLDR
C. LOADER
D. LILO -
Question 405:
Which of the following filesystem is used by Mac OS X?
A. EFS
B. HFS+
C. EXT2
D. NFS -
Question 406:
Before performing a logical or physical search of a drive in Encase, what must be added to the program?
A. File signatures
B. Keywords
C. Hash sets
D. Bookmarks -
Question 407:
Computer security logs contain information about the events occurring within an organization's systems and networks. Application and Web server log files are useful in detecting web attacks. The source, nature, and time of the attack can be determined by _________of the compromised system.
A. Analyzing log files
B. Analyzing SAM file
C. Analyzing rainbow tables
D. Analyzing hard disk boot records -
Question 408:
Router log files provide detailed Information about the network traffic on the Internet. It gives information about the attacks to and from the networks. The router stores log files in the____________.
A. Router cache
B. Application logs
C. IDS logs
D. Audit logs -
Question 409:
You are working as a computer forensics investigator for a corporation on a computer abuse case. You discover evidence that shows the subject of your investigation is also embezzling money from the company. The company CEO and the corporate legal counsel advise you to contact local law enforcement and provide them with the evidence that you have found. The law enforcement officer that responds requests that you put a network sniffer on your network and monitor all traffic to the subject computer. You inform the officer that you will not be able to comply with thatnetwork sniffer on your network and monitor all traffic to the subject? computer. You inform the officer that you will not be able to comply with that request because doing so would:
A. Violate your contract
B. Cause network congestion
C. Make you an agent of law enforcement
D. Write information to the subject hard driveWrite information to the subject? hard drive -
Question 410:
When a router receives an update for its routing table, what is the metric value change to that path?
A. Increased by 2
B. Decreased by 1
C. Increased by 1
D. Decreased by 2
Related Exams:
-
112-51
EC-Council Certified Network Defense Essentials (NDE) -
212-055
Sun Certified Programmer for the Java 2 Platform.SE 5.0 -
212-77
EC-Council Certified Linux Security -
212-81
EC-Council Certified Encryption Specialist (ECES) -
212-82
EC-Council Certified Cybersecurity Technician (C|CT) -
212-89
EC Council Certified Incident Handler (ECIH v3) -
312-38
EC-Council Certified Network Defender (CND) -
312-39
EC-Council Certified SOC Analyst (CSA) -
312-40
EC-Council Certified Cloud Security Engineer (CCSE) -
312-49
ECCouncil Computer Hacking Forensic Investigator (V9)
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V9 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.