1. Home
  2. EC-COUNCIL
  3. 312-49

ECCouncil Computer Hacking Forensic Investigator (V9)

Exam Details

  • Exam Code
    :312-49
  • Exam Name
    :ECCouncil Computer Hacking Forensic Investigator (V9)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :531 Q&As
  • Last Updated
    :Apr 11, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-49 Questions & Answers

  • Question 81:

    Which command line tool is used to determine active network connections?

    A. netsh

    B. nbstat

    C. nslookup

    D. netstat

  • Question 82:

    An investigator has found certain details after analysis of a mobile device. What can reveal the manufacturer information?

    A. Equipment Identity Register (EIR)

    B. Electronic Serial Number (ESN)

    C. International mobile subscriber identity (IMSI)

    D. Integrated circuit card identifier (ICCID)

  • Question 83:

    Which of the following application password cracking tool can discover all password-protected items on a computer and decrypts them?

    A. TestDisk for Windows

    B. R-Studio

    C. Windows Password Recovery Bootdisk

    D. Passware Kit Forensic

  • Question 84:

    Select the tool appropriate for examining the dynamically linked libraries of an application or malware.

    A. DependencyWalker

    B. SysAnalyzer

    C. PEiD

    D. ResourcesExtract

  • Question 85:

    Which among the following U.S. laws requires financial institutions--companies that offer consumers financial products or services such as loans, financial or investment advice, or insurance--to protect their customers' information against security threats?

    A. SOX

    B. HIPAA

    C. GLBA

    D. FISMA

  • Question 86:

    Which of the following registry hive gives the configuration information about which application was used to open various files on the system?

    A. HKEY_CLASSES_ROOT

    B. HKEY_CURRENT_CONFIG

    C. HKEY_LOCAL_MACHINE

    D. HKEY_USERS

  • Question 87:

    Raw data acquisition format creates _________ of a data set or suspect drive.

    A. Segmented image files

    B. Simple sequential flat files

    C. Compressed image files

    D. Segmented files

  • Question 88:

    CAN-SPAM act requires that you:

    A. Don't use deceptive subject lines

    B. Don't tell the recipients where you are located

    C. Don't identify the message as an ad

    D. Don't use true header information

  • Question 89:

    When a user deletes a file, the system creates a $I file to store its details. What detail does the $I file not contain?

    A. File Size

    B. File origin and modification

    C. Time and date of deletion

    D. File Name

  • Question 90:

    Jacob is a computer forensics investigator with over 10 years of experience in investigations and has written over 50 articles on computer forensics. He has been called upon as a qualified witness to testify the accuracy and integrity of the technical log files gathered in an investigation into computer fraud. What is the term used for Jacob's testimony in this case?

    A. Certification

    B. Justification

    C. Reiteration

    D. Authentication

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.