When a user deletes a file, the system creates a $I file to store its details. What detail does the $I file not contain?
A. File Size
B. File origin and modification
C. Time and date of deletion
D. File Name
Raw data acquisition format creates _________ of a data set or suspect drive.
A. Segmented image files
B. Simple sequential flat files
C. Compressed image files
D. Segmented files
Jacob is a computer forensics investigator with over 10 years of experience in investigations and has written over 50 articles on computer forensics. He has been called upon as a qualified witness to testify the accuracy and integrity of the technical log files gathered in an investigation into computer fraud. What is the term used for Jacob's testimony in this case?
A. Certification
B. Justification
C. Reiteration
D. Authentication
Which of the following email headers specifies an address for mailer-generated errors, like "no such user" bounce messages, to go to (instead of the sender's address)?
A. Mime-Version header
B. Content-Type header
C. Content-Transfer-Encoding header
D. Errors-To header
What malware analysis operation can the investigator perform using the jv16 tool?
A. Files and Folder Monitor
B. Installation Monitor
C. Network Traffic Monitoring/Analysis
D. Registry Analysis/Monitoring
Event correlation is the process of finding relevance between the events that produce a final result. What type of correlation will help an organization to correlate events across a set of servers, systems, routers and network?
A. Same-platform correlation
B. Network-platform correlation
C. Cross-platform correlation
D. Multiple-platform correlation
Hard disk data addressing is a method of allotting addresses to each _______ of data on a hard disk.
A. Physical block
B. Operating system block
C. Hard disk block
D. Logical block
Which of the following standard represents a legal precedent regarding the admissibility of scientific examinations or experiments in legal cases?
A. SWGDE and SWGIT
B. Daubert
C. Frye
D. IOCE
Which one of the following is not a first response procedure?
A. Preserve volatile data
B. Fill forms
C. Crack passwords
D. Take photos
Graphics Interchange Format (GIF) is a ____ RGB bitmap image format for images with up to 256 distinct colors per frame.
A. 8-bit
B. 32-bit
C. 16-bit
D. 24-bit
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.