Select the data that a virtual memory would store in a Windows-based system.
A. Information or metadata of the files
B. Documents and other files
C. Application data
D. Running processes
A Linux system is undergoing investigation. In which directory should the investigators look for its current state data if the system is in powered on state?
A. /auth
B. /proc
C. /var/log/debug
D. /var/spool/cron/
What is the purpose of using Obfuscator in malware?
A. Execute malicious code in the system
B. Avoid encryption while passing through a VPN
C. Avoid detection by security mechanisms
D. Propagate malware to other connected devices
Which of the following setups should a tester choose to analyze malware behavior?
A. A virtual system with internet connection
B. A normal system without internet connect
C. A normal system with internet connection
D. A virtual system with network simulation for internet connection
Centralized binary logging is a process in which many websites write binary and unformatted log data to a single log file. What extension should the investigator look to find its log file?
A. .cbl
B. .log
C. .ibl
D. .txt
Where should the investigator look for the Edge browser's browsing records, including history, cache, and cookies?
A. ESE Database
B. Virtual Memory
C. Sparse files
D. Slack Space
Which among the following search warrants allows the first responder to search and seize the victim's computer components such as hardware, software, storage devices, and documentation?
A. John Doe Search Warrant
B. Citizen Informant Search Warrant
C. Electronic Storage Device Search Warrant
D. Service Provider Search Warrant
UEFI is a specification that defines a software interface between an OS and platform firmware. Where does this interface store information about files present on a disk?
A. BIOS-MBR
B. GUID Partition Table (GPT)
C. Master Boot Record (MBR)
D. BIOS Parameter Block
During an investigation of an XSS attack, the investigator comes across the term “[a-zA-Z0-9\%]+” in analyzed evidence details. What is the expression used for?
A. Checks for upper and lower-case alphanumeric string inside the tag, or its hex representation
B. Checks for forward slash used in HTML closing tags, its hex or double-encoded hex equivalent
C. Checks for opening angle bracket, its hex or double-encoded hex equivalent
D. Checks for closing angle bracket, hex or double-encoded hex equivalent
During the trial, an investigator observes that one of the principal witnesses is severely ill and cannot be present for the hearing. He decides to record the evidence and present it to the court. Under which rule should he present such evidence?
A. Rule 1003: Admissibility of Duplicates
B. Limited admissibility
C. Locard's Principle
D. Hearsay
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.