Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. EC-Council
  3. 312-49v10

EC-Council 312-49v10 Exam (page: 21)
EC-Council Computer Hacking Forensic Investigator
Updated on: 09-Feb-2026

Viewing Page 21 of 138
312-49v10 PDF 831 Questions

What information do you need to recover when searching a victim's computer for a crime committed with speci c e-mail message?

  1. Internet service provider information
  2. E-mail header
  3. Username and password
  4. Firewall log

Answer(s): B



Melanie was newly assigned to an investigation and asked to make a copy of all the evidence from the compromised system. Melanie did a DOS copy of all the les on the system.
What would be the primary reason for you to recommend a disk imaging tool?

  1. A disk imaging tool would check for CRC32s for internal self-checking and validation and have MD5 checksum
  2. Evidence le format will contain case data entered by the examiner and encrypted at the beginning of the evidence le
  3. A simple DOS copy will not include deleted les, le slack and other information
  4. There is no case for an imaging tool as it will use a closed, proprietary format that if compared to the original will not match up sector for sector

Answer(s): C



You are employed directly by an attorney to help investigate an alleged sexual harassment case at a large pharmaceutical manufacture. While at the corporate o ce of the company, the CEO demands to know the status of the investigation.
What prevents you from discussing the case with the CEO?

  1. the attorney-work-product rule
  2. Good manners
  3. Trade secrets
  4. ISO 17799

Answer(s): A



What is the investigator trying to analyze if the system gives the following image as output?

  1. All the logon sessions
  2. Currently active logon sessions
  3. Inactive logon sessions
  4. Details of users who can logon

Answer(s): B



This organization maintains a database of hash signatures for known software.

  1. International Standards Organization
  2. Institute of Electrical and Electronics Engineers
  3. National Software Reference Library
  4. American National standards Institute

Answer(s): C



Viewing Page 21 of 138



Share your comments for EC-Council 312-49v10 exam with other users:

Emmah 7/29/2023 9:59:00 AM

are these valid chfi questions
KENYA


Christopher 9/5/2022 10:54:00 PM

the new versoin of this exam which i downloaded has all the latest questions from the exam. i only saw 3 new questions in the exam which was not in this dump.
CANADA


Aloke Paul 9/11/2023 6:53:00 AM

is this valid for chfiv9 as well... as i am reker 3rd time...
CHINA