1. Home
  2. EC-COUNCIL
  3. 312-49V9

EC-COUNCIL 312-49V9 Online Practice Questions and Exam Preparation

312-49V9 Exam Details

  • Exam Code
    :312-49V9
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V9)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :486 Q&As
  • Last Updated
    :May 26, 2026

EC-COUNCIL 312-49V9 Online Questions & Answers

  • Question 421:

    Centralized logging is defined as gathering the computer system logs for a group of systems in a centralized location. It is used to efficiently monitor computer system logs with the frequency required to detect security violations and unusual activity.

    A. True
    B. False

  • Question 422:

    Lance wants to place a honeypot on his network. Which of the following would be your recommendations?

    A. Use a system that has a dynamic addressing on the network
    B. Use a system that is not directly interacing with the router
    C. Use it on a system in an external DMZ in front of the firewall
    D. It doesn't matter as all replies are faked

  • Question 423:

    You are a security analyst performing a penetration tests for a company in the Midwest. After some initial reconnaissance, you discover the IP addresses of some Cisco routers used by the company. You type in the following URL that includes the IP address of one of the routers:

    http://172.168.4.131/level/99/exec/show/config

    After typing in this URL, you are presented with the entire configuration file for that router. What have you discovered?

    A. URL Obfuscation Arbitrary Administrative Access Vulnerability
    B. HTML Configuration Arbitrary Administrative Access Vulnerability
    C. Cisco IOS Arbitrary Administrative Access Online Vulnerability
    D. HTTP Configuration Arbitrary Administrative Access Vulnerability

  • Question 424:

    When the operating system marks cluster as used, but does not allocate them to any file, such clusters are known as ___________.

    A. Lost clusters
    B. Bad clusters
    C. Empty clusters
    D. Unused clusters

  • Question 425:

    When collecting evidence from the RAM, where do you look for data?

    A. Swap file
    B. SAM file
    C. Data file
    D. Log file

  • Question 426:

    The efforts to obtain information before a trial by demanding documents, depositions, questions and answers written under oath, written requests for admissions of fact, and examination of the scene is a description of what legal term?

    A. Detection
    B. Hearsay
    C. Spoliation
    D. Discovery

  • Question 427:

    Paraben Lockdown device uses which operating system to write hard drive data?Paraben? Lockdown device uses which operating system to write hard drive data?

    A. Mac OS
    B. Red Hat
    C. Unix
    D. Windows

  • Question 428:

    Dumpster Diving refers to:

    A. Searching for sensitive information in the user's trash bins and printer trash bins, and searching the user's desk for sticky notes
    B. Looking at either the user's keyboard or screen while he/she is logging in
    C. Convincing people to reveal the confidential information
    D. Creating a set of dictionary words and names, and trying all the possible combinations to crack the password

  • Question 429:

    Using Internet logging software to investigate a case of malicious use of computers, the investigator comes across some entries that appear odd.

    From the log, the investigator can see where the person in question went on the Internet. From the log, it appears that the user was manually typing in different user ID numbers. What technique this user was trying?

    A. Parameter tampering
    B. Cross site scripting
    C. SQL injection
    D. Cookie Poisoning

  • Question 430:

    Why is it still possible to recover files that have been emptied from the Recycle Bin on a Windows computer?

    A. The data is still present until the original location of the file is used
    B. The data is moved to the Restore directory and is kept there indefinitely
    C. The data will reside in the L2 cache on a Windows computer until it is manually deleted
    D. It is not possible to recover data that has been emptied from the Recycle Bin

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V9 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.