1. Home
  2. EC-COUNCIL
  3. 312-49V10

EC-Council Certified Computer Hacking Forensic Investigator (V10)

Exam Details

  • Exam Code
    :312-49V10
  • Exam Name
    :EC-Council Certified Computer Hacking Forensic Investigator (V10)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :1006 Q&As
  • Last Updated
    :Apr 12, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-49V10 Questions & Answers

  • Question 381:

    Tyler is setting up a wireless network for his business that he runs out of his home. He has followed all the directions from the ISP as well as the wireless router manual. He does not have any encryption set and the SSID is being broadcast. On his laptop, he can pick up the wireless signal for short periods of time, but then the connection drops and the signal goes away. Eventually the wireless signal shows back up, but drops intermittently. What could be Tyler issue with his home wireless network?

    A. CB radio

    B. 2.4Ghz Cordless phones

    C. Satellite television

    D. Computers on his wired network

  • Question 382:

    In a forensic examination of hard drives for digital evidence, what type of user is most likely to have the most file slack to analyze?

    A. one who has NTFS 4 or 5 partitions

    B. one who uses dynamic swap file capability

    C. one who uses hard disk writes on IRQ 13 and 21

    D. one who has lots of allocation units per block or cluster

  • Question 383:

    In the following email header, where did the email first originate from?

    A. Somedomain.com

    B. Smtp1.somedomain.com

    C. Simon1.state.ok.gov.us

    D. David1.state.ok.gov.us

  • Question 384:

    What header field in the TCP/IP protocol stack involves the hacker exploit known as the Ping of Death?

    A. ICMP header field

    B. TCP header field

    C. IP header field

    D. UDP header field

  • Question 385:

    The MD5 program is used to:

    A. wipe magnetic media before recycling it

    B. make directories on a evidence disk

    C. view graphics files on an evidence drive

    D. verify that a disk is not altered when you examine it

  • Question 386:

    You have compromised a lower-level administrator account on an Active Directory network of a small

    company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of

    the Domain Controllers on port 389 using ldp.exe.

    What are you trying to accomplish here?

    A. Enumerate domain user accounts and built-in groups

    B. Enumerate MX and A records from DNS

    C. Establish a remote connection to the Domain Controller

    D. Poison the DNS records with false records

  • Question 387:

    The newer Macintosh Operating System (MacOS X) is based on:

    A. Microsoft Windows

    B. OS/2

    C. BSD Unix

    D. Linux

  • Question 388:

    James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?

    A. Fraggle

    B. Smurf

    C. SYN flood

    D. Trinoo

  • Question 389:

    Jason has set up a honeypot environment by creating a DMZ that has no physical or logical access to his production network. In this honeypot, he has placed a server running Windows Active Directory. He has also placed a Web server in the DMZ that services a number of web pages that offer visitors a chance to download sensitive information by clicking on a button. A week later, Jason finds in his network logs how an intruder accessed the honeypot and downloaded sensitive information. Jason uses the logs to try and prosecute the intruder for stealing sensitive corporate information. Why will this not be viable?

    A. Enticement

    B. Entrapment

    C. Intruding into ahoneypot is not illegal

    D. Intruding into a DMZ is not illegal

  • Question 390:

    Meyer Electronics Systems just recently had a number of laptops stolen out of their office. On these laptops contained sensitive corporate information regarding patents and company strategies. A month after the laptops were stolen, a competing company was found to have just developed products that almost exactly duplicated products that Meyer produces. What could have prevented this information from being stolen from the laptops?

    A. DFS Encryption

    B. EFS Encryption

    C. SDW Encryption

    D. IPS Encryption

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-49V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.