1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-Council Certified Computer Hacking Forensic Investigator (V10)

Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1006 Q&As
  • Last Updated
    :Apr 12, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-49V10 Questions & Answers

  • Question 101:

    In Steganalysis, which of the following describes a Known-stego attack?

    A. The hidden message and the corresponding stego-image are known

    B. During the communication process, active attackers can change cover

    C. Original and stego-object are available and the steganography algorithm is known

    D. Only the steganography medium is available for analysis

  • Question 102:

    What is the size value of a nibble?

    A. 0.5 kilo byte

    B. 0.5 bit

    C. 0.5 byte

    D. 2 bits

  • Question 103:

    Which of the following tool enables a user to reset his/her lost admin password in a Windows system?

    A. Advanced Office Password Recovery

    B. Active@ Password Changer

    C. Smartkey Password Recovery Bundle Standard

    D. Passware Kit Forensic

  • Question 104:

    Which of the following attacks allows an attacker to access restricted directories, including application source code, configuration and critical system files, and to execute commands outside of the web server's root directory?

    A. Parameter/form tampering

    B. Unvalidated input

    C. Directory traversal

    D. Security misconfiguration

  • Question 105:

    Which among the following files provides email header information in the Microsoft Exchange server?

    A. gwcheck.db

    B. PRIV.EDB

    C. PUB.EDB

    D. PRIV.STM

  • Question 106:

    Jason discovered a file named $RIYG6VR.doc in the C:\$Recycle.Bin\\ while analyzing a hard disk image for the deleted data. What inferences can he make from the file name?

    A. It is a doc file deleted in seventh sequential order

    B. RIYG6VR.doc is the name of the doc file deleted from the system

    C. It is file deleted from R drive

    D. It is a deleted doc file

  • Question 107:

    Which file is a sequence of bytes organized into blocks understandable by the system's linker?

    A. executable file

    B. source file

    C. Object file

    D. None of these

  • Question 108:

    Smith, a forensic examiner, was analyzing a hard disk image to find and acquire deleted sensitive files. He stumbled upon a $Recycle.Bin folder in the root directory of the disk. Identify the operating system in use.

    A. Windows 98

    B. Linux

    C. Windows 8.1

    D. Windows XP

  • Question 109:

    What is the default IIS log location?

    A. SystemDrive\inetpub\LogFiles

    B. %SystemDrive%\inetpub\logs\LogFiles

    C. %SystemDrive\logs\LogFiles

    D. SystemDrive\logs\LogFiles

  • Question 110:

    Charles has accidentally deleted an important file while working on his Mac computer. He wants to recover the deleted file as it contains some of his crucial business secrets. Which of the following tool will help Charles?

    A. Xplico

    B. Colasoft's Capsa

    C. FileSalvage

    D. DriveSpy

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.