1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-Council Certified Computer Hacking Forensic Investigator (V10)

Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1006 Q&As
  • Last Updated
    :Apr 12, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-49V10 Questions & Answers

  • Question 251:

    An investigator is analyzing a checkpoint firewall log and comes across symbols. What type of log is he looking at?

    A. Security event was monitored but not stopped

    B. Malicious URL detected

    C. An email marked as potential spam

    D. Connection rejected

  • Question 252:

    Which list contains the most recent actions performed by a Windows User?

    A. MRU

    B. Activity

    C. Recents

    D. Windows Error Log

  • Question 253:

    Joshua is analyzing an MSSQL database for finding the attack evidence and other details, where should he look for the database logs?

    A. Model.log

    B. Model.txt

    C. Model.ldf

    D. Model.lgf

  • Question 254:

    Which of the following tools is not a data acquisition hardware tool?

    A. UltraKit

    B. Atola Insight Forensic

    C. F-Response Imager

    D. Triage-Responder

  • Question 255:

    The given image displays information about date and time of installation of the OS along with service packs, patches, and sub-directories. What command or tool did the investigator use to view this output?

    A. dir /o:d

    B. dir /o:s

    C. dir /o:e

    D. dir /o:n

  • Question 256:

    Which of the following tool is used to locate IP addresses?

    A. SmartWhois

    B. Deep Log Analyzer

    C. Towelroot

    D. XRY LOGICAL

  • Question 257:

    Which of the following protocols allows non-ASCII files, such as video, graphics, and audio, to be sent through the email messages?

    A. MIME

    B. BINHEX

    C. UT-16

    D. UUCODE

  • Question 258:

    What is the framework used for application development for iOS-based mobile devices?

    A. Cocoa Touch

    B. Dalvik

    C. Zygote

    D. AirPlay

  • Question 259:

    Chong-lee, a forensics executive, suspects that a malware is continuously making copies of files and folders on a victim system to consume the available disk space. What type of test would confirm his claim?

    A. File fingerprinting

    B. Identifying file obfuscation

    C. Static analysis

    D. Dynamic analysis

  • Question 260:

    What is an investigator looking for in the rp.log file stored in a system running on Windows 10 operating system?

    A. Restore point interval

    B. Automatically created restore points

    C. System CheckPoints required for restoring

    D. Restore point functions

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.