1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-Council Certified Computer Hacking Forensic Investigator (V10)

Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1006 Q&As
  • Last Updated
    :Apr 12, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-49V10 Questions & Answers

  • Question 111:

    Which of the following is an iOS Jailbreaking tool?

    A. Kingo Android ROOT

    B. Towelroot

    C. One Click Root

    D. Redsn0w

  • Question 112:

    Which of the following Registry components include offsets to other cells as well as the LastWrite time for the key?

    A. Value list cell

    B. Value cell

    C. Key cell

    D. Security descriptor cell

  • Question 113:

    Files stored in the Recycle Bin in its physical location are renamed as Dxy.ext, where “x” represents the ___________________.

    A. Drive name

    B. Original file name's extension

    C. Sequential number

    D. Original file name

  • Question 114:

    The investigator wants to examine changes made to the system's registry by the suspect program. Which of the following tool can help the investigator?

    A. TRIPWIRE

    B. RAM Capturer

    C. Regshot

    D. What's Running

  • Question 115:

    What does the part of the log, “% SEC-6-IPACCESSLOGP”, extracted from a Cisco router represent?

    A. The system was not able to process the packet because there was not enough room for all of the desired IP header options

    B. Immediate action required messages

    C. Some packet-matching logs were missed because the access list log messages were rate limited, or no access list log buffers were available

    D. A packet matching the log criteria for the given access list has been detected (TCP or UDP)

  • Question 116:

    Which rule requires an original recording to be provided to prove the content of a recording?

    A. 1004

    B. 1002

    C. 1003

    D. 1005

  • Question 117:

    Which of the following refers to the process of the witness being questioned by the attorney who called the latter to the stand?

    A. Witness Authentication

    B. Direct Examination

    C. Expert Witness

    D. Cross Questioning

  • Question 118:

    Bob works as information security analyst for a big finance company. One day, the anomaly-based intrusion detection system alerted that a volumetric DDOS targeting the main IP of the main web server was occurring. What kind of attack is it?

    A. IDS attack

    B. APT

    C. Web application attack

    D. Network attack

  • Question 119:

    Which of the following is a record of the characteristics of a file system, including its size, the block size, the empty and the filled blocks and their respective counts, the size and location of the inode tables, the disk block map and usage information, and the size of the block groups?

    A. Inode bitmap block

    B. Superblock

    C. Block bitmap block

    D. Data block

  • Question 120:

    Which MySQL log file contains information on server start and stop?

    A. Slow query log file

    B. General query log file

    C. Binary log

    D. Error log file

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.