Latest [Dec 31, 2021] Real EC-COUNCIL 312-49v10 Exam Dumps Questions [Q15-Q37]


312-49v10 Dumps To Pass CHFI v10 Exam in One Day (Updated 598 Questions)


EC-COUNCIL 312-49v10 Exam Syllabus Topics:

Topic | Details
Topic 1
  • Understanding Hard Disks and File Systems
  • Investigating Email Crimes
Topic 2
  • Computer Forensics Investigation Process
  • Dark Web Forensics
  • Mobile Forensics
Topic 3
  • Computer Forensics in Today’s World
  • Investigating Web Attacks
Topic 4
  • Defeating Anti-Forensics Techniques
  • Malware Forensics
Topic 5
  • Data Acquisition and Duplication
  • Linux and Mac Forensics
Topic 6
  • Database Forensics
  • Network Forensics
  • Windows Forensics

NEW QUESTION 15
This is the original file structure database that Microsoft designed for floppy disks. It is written to the outermost track of a disk and contains information about each file stored on the drive.

  • A. Master Boot Record (MBR)
  • B. File Allocation Table (FAT)
  • C. Master File Table (MFT)
  • D. Disk Operating System (DOS)

Answer: B

 

NEW QUESTION 16
While collecting Active Transaction Logs using SQL Server Management Studio, the query Select * from ::fn_dblog(NULL, NULL) displays the active portion of the transaction log file. Here, assigning NULL values implies?

  • A. Start and end points for log files are not specified
  • B. Start and end points for log sequence numbers are specified
  • C. Start and end points for log files are specified
  • D. Start and end points for log sequence numbers are not specified

Answer: A

 

NEW QUESTION 17
While analyzing a hard disk, the investigator finds that the file system does not use a UEFI-based interface. Which of the following operating systems is present on the hard disk?

  • A. Windows 7
  • B. Windows 8.1
  • C. Windows 8
  • D. Windows 10

Answer: A

 

NEW QUESTION 18
Which of the following techniques creates a replica of an evidence media?

  • A. Bit Stream Imaging
  • B. Data Extraction
  • C. Data Deduplication
  • D. Backup

Answer: A

 

NEW QUESTION 19
Which of the following acts as a network intrusion detection system as well as a network intrusion prevention system?

  • A. Nikto
  • B. Snort
  • C. Kismet
  • D. Acunetix

Answer: B

 

NEW QUESTION 20
Which of the following is NOT an anti-forensics technique?

  • A. Steganography
  • B. Encryption
  • C. Password Protection
  • D. Data Deduplication

Answer: D

 

NEW QUESTION 21
Which password cracking technique uses details such as length of password, character sets used to construct the password, etc.?

  • A. Rule-based attack
  • B. Brute force attack
  • C. Man in the middle attack
  • D. Dictionary attack

Answer: D

 

NEW QUESTION 22
Which forensic investigation methodology believes that criminals commit crimes solely to benefit their criminal enterprises?

  • A. Frye Standard
  • B. Enterprise Theory of Investigation
  • C. Scientific Working Group on Digital Evidence
  • D. Daubert Standard

Answer: B

 

NEW QUESTION 23
Why is it a good idea to perform a penetration test from the inside?

  • A. Because 70% of attacks are from inside the organization
  • B. It is easier to hack from the inside
  • C. To attack a network from a hacker's perspective
  • D. It is never a good idea to perform a penetration test from the inside

Answer: A

 

NEW QUESTION 24
Which among the following web application threats results when developers expose various internal implementation objects, such as files, directories, database records, or key-through references?

  • A. Cross Site Request Forgery
  • B. Cross Site Scripting
  • C. Remote File Inclusion
  • D. Insecure Direct Object References

Answer: D

 

NEW QUESTION 25
Office documents (Word, Excel, PowerPoint) contain a code that allows tracking the MAC, or unique identifier, of the machine that created the document. What is that code called?

  • A. the Personal Application Protocol
  • B. the Globally Unique ID
  • C. the Individual ASCII String
  • D. the Microsoft Virtual Machine Identifier

Answer: B

 

NEW QUESTION 26
Which of the following commands shows you the names of all open shared files on a server and the number of file locks on each file?

  • A. Net config
  • B. Net sessions
  • C. Net file
  • D. Net share

Answer: C

 

NEW QUESTION 27
Depending upon the jurisdictional areas, different laws apply to different incidents. Which of the following laws is related to fraud and related activity in connection with computers?

  • A. 18 USC §1361
  • B. 18 USC §1030
  • C. 18 USC §1371
  • D. 18 USC §1029

Answer: B

 

NEW QUESTION 28
Where are files temporarily written in Unix when printing?

  • A. /usr/spool
  • B. /spool
  • C. /var/print
  • D. /var/spool

Answer: D

 

NEW QUESTION 29
To preserve digital evidence, an investigator should ____________________.

  • A. Make two copies of each evidence item using a single imaging tool
  • B. Only store the original evidence item
  • C. Make two copies of each evidence item using different imaging tools
  • D. Make a single copy of each evidence item using an approved imaging tool

Answer: C

 

NEW QUESTION 30
Report writing is a crucial stage in the outcome of an investigation. Which information should not be included in the report section?

  • A. Author of the report
  • B. Purpose of the report
  • C. Speculation or opinion as to the cause of the incident
  • D. Incident summary

Answer: C

 

NEW QUESTION 31
Which of the following files stores information about local Dropbox installation and account, email IDs linked with the account, current version/build for the local application, the host_id, and local path information?

  • A. filecache.db
  • B. host.db
  • C. sigstore.db
  • D. config.db

Answer: D

 

NEW QUESTION 32
What is the name of the first reserved sector in the File Allocation Table?

  • A. Partition Boot Sector
  • B. Volume Boot Record
  • C. BIOS Parameter Block
  • D. Master Boot Record

Answer: D

 

NEW QUESTION 33
To reach a bank web site, the traffic from workstations must pass through a firewall. You have been asked to review the firewall configuration to ensure that workstations in network 10.10.10.0/24 can only reach the bank web site 10.20.20.1 using https. Which of the following firewall rules meets this requirement?

  • A. if (source matches 10.10.10.0 and destination matches 10.20.20.1 and port matches 443) then permit
  • B. if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 80 or 443) then permit
  • C. if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit

Answer: C

 

NEW QUESTION 34
Which of the following Android libraries are used to render 2D (SGL) or 3D (OpenGL/ES) graphics content to the screen?

  • A. Surface Manager
  • B. WebKit
  • C. Media framework
  • D. OpenGL/ES and SGL

Answer: D

 

NEW QUESTION 35
In conducting a computer abuse investigation, you become aware that the suspect of the investigation is using ABC Company as his Internet Service Provider (ISP). You contact the ISP and request that they provide you assistance with your investigation. What assistance can the ISP provide?

  • A. The ISP can't conduct any type of investigations on anyone and therefore can't assist you
  • B. The ISP can investigate anyone using their service and can provide you with assistance
  • C. ISPs never maintain log files so they would be of no use to your investigation
  • D. The ISP can investigate computer abuse committed by their employees, but must preserve the privacy of their customers and therefore cannot assist you without a warrant

Answer: D

 

NEW QUESTION 36
Which of the following is a responsibility of the first responder?

  • A. Share the collected information to determine the root cause
  • B. Determine the severity of the incident
  • C. Collect as much information about the incident as possible
  • D. Document the findings

Answer: C

 

NEW QUESTION 37
......
