Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. EC-Council
  3. 312-49v11

EC-Council 312-49v11 Exam (page: 2)
EC-Council Computer Hacking Forensic Investigator
Updated on: 07-Feb-2026

Viewing Page 2 of 20
312-49v11 PDF 152 Questions

Annie is searching for certain deleted files on a system running Windows XP OS.
Where will she find the files if they were not completely deleted from the system?

  1. C: $Recycled.Bin
  2. C: \$Recycle.Bin
  3. C:\RECYCLER
  4. C:\$RECYCLER

Answer(s): B



Which of the following files stores information about a local Google Drive installation such as User email ID, Local Sync Root Path, and Client version installed?

  1. filecache.db
  2. config.db
  3. sigstore.db
  4. Sync_config.db

Answer(s): D



An expert witness is a __________________ who is normally appointed by a party to assist the formulation and preparation of a party's claim or defense.

  1. Expert in criminal investigation
  2. Subject matter specialist
  3. Witness present at the crime scene
  4. Expert law graduate appointed by attorney

Answer(s): B



Smith, a network administrator with a large MNC, was the first to arrive at a suspected crime scene involving criminal use of compromised computers.
What should be his first response while maintaining the integrity of evidence?

  1. Record the system state by taking photographs of physical system and the display
  2. Perform data acquisition without disturbing the state of the systems
  3. Open the systems, remove the hard disk and secure it
  4. Switch off the systems and carry them to the laboratory

Answer(s): A



Which among the following is an act passed by the U.S. Congress in 2002 to protect investors from the possibility of fraudulent accounting activities by corporations?

  1. HIPAA
  2. GLBA
  3. SOX
  4. FISMA

Answer(s): C



Jacky encrypts her documents using a password. It is known that she uses her daughter's year of birth as part of the password.
Which password cracking technique would be optimal to crack her password?

  1. Rule-based attack
  2. Brute force attack
  3. Syllable attack
  4. Hybrid attack

Answer(s): A



Which of the following Event Correlation Approach is an advanced correlation method that assumes and predicts what an attacker can do next after the attack by studying the statistics and probability and uses only two variables?

  1. Bayesian Correlation
  2. Vulnerability-Based Approach
  3. Rule-Based Approach
  4. Route Correlation

Answer(s): A



Smith, as a part his forensic investigation assignment, seized a mobile device. He was asked to recover the Subscriber Identity Module (SIM card) data in the mobile device. Smith found that the SIM was protected by a Personal Identification Number (PIN) code, but he was also aware that people generally leave the PIN numbers to the defaults or use easily guessable numbers such as 1234. He made three unsuccessful attempts, which blocked the SIM card.
What can Jason do in this scenario to reset the PIN and access SIM data?

  1. He should contact the network operator for a Temporary Unlock Code (TUK)
  2. Use system and hardware tools to gain access
  3. He can attempt PIN guesses after 24 hours
  4. He should contact the network operator for Personal Unlock Number (PUK)

Answer(s): D



Viewing Page 2 of 20



Share your comments for EC-Council 312-49v11 exam with other users:

alaska 10/24/2023 5:48:00 AM

i scored 87% on the az-204 exam. thanks! i always trust
GERMANY


nnn 7/9/2023 11:09:00 PM

good need more
Anonymous


User-sfdc 12/29/2023 7:21:00 AM

sample questions seems good
Anonymous


Tamer dam 8/4/2023 10:21:00 AM

huawei is ok
UNITED STATES


YK 12/11/2023 1:10:00 AM

good one nice
JAPAN


de 8/28/2023 2:38:00 AM

please continue
GERMANY


DMZ 6/25/2023 11:56:00 PM

this exam dumps just did the job. i donot want to ruffle your feathers but your exam dumps and mock test engine is amazing.
UNITED KINGDOM


Jose 8/30/2023 6:14:00 AM

nice questions
PORTUGAL


Tar01 7/24/2023 7:07:00 PM

the explanation are really helpful
Anonymous


DaveG 12/15/2023 4:50:00 PM

just passed my exam yesterday on my first attempt. these dumps were extremely helpful in passing first time. the questions were very, very similar to these questions!
Anonymous


A.K. 6/30/2023 6:34:00 AM

cosmos db is paas not saas
Anonymous


S Roychowdhury 6/26/2023 5:27:00 PM

what is the percentage of common questions in gcp exam compared to 197 dump questions? are they 100% matching with real gcp exam?
Anonymous


Bella 7/22/2023 2:05:00 AM

not able to see questions
Anonymous


Scott 9/8/2023 7:19:00 AM

by far one of the best sites for free questions. i have pass 2 exams with the help of this website.
CANADA


donald 8/19/2023 11:05:00 AM

excellent question bank.
Anonymous


Ashwini 8/22/2023 5:13:00 AM

it really helped
Anonymous


sk 5/13/2023 2:07:00 AM

excelent material
INDIA


Christopher 9/5/2022 10:54:00 PM

the new versoin of this exam which i downloaded has all the latest questions from the exam. i only saw 3 new questions in the exam which was not in this dump.
CANADA


Sam 9/7/2023 6:51:00 AM

question 8 - can cloudtrail be used for storing jobs? based on aws - aws cloudtrail is used for governance, compliance and investigating api usage across all of our aws accounts. every action that is taken by a user or script is an api call so this is logged to [aws] cloudtrail. something seems incorrect here.
UNITED STATES


Tanvi Rajput 8/14/2023 10:55:00 AM

question 13 tda - c01 answer : quick table calculation -> percentage of total , compute using table down
UNITED KINGDOM


PMSAGAR 9/19/2023 2:48:00 AM

pls share teh dump
UNITED STATES


zazza 6/16/2023 10:47:00 AM

question 44 answer is user risk
ITALY


Prasana 6/23/2023 1:59:00 AM

please post the questions for preparation
Anonymous


test user 9/24/2023 3:15:00 AM

thanks for the questions
AUSTRALIA


Draco 7/19/2023 5:34:00 AM

please reopen it now ..its really urgent
UNITED STATES


Megan 4/14/2023 5:08:00 PM

these practice exam questions were exactly what i needed. the variety of questions and the realistic exam-like environment they created helped me assess my strengths and weaknesses. i felt more confident and well-prepared on exam day, and i owe it to this exam dumps!
UNITED KINGDOM


abdo casa 8/9/2023 6:10:00 PM

thank u it very instructuf
Anonymous


Danny 1/15/2024 9:10:00 AM

its helpful?
INDIA


hanaa 10/3/2023 6:57:00 PM

is this dump still valid???
Anonymous


Georgio 1/19/2024 8:15:00 AM

question 205 answer is b
Anonymous


Matthew Dievendorf 5/30/2023 9:37:00 PM

question 39, should be answer b, directions stated is being sudneted from /21 to a /23. a /23 has 512 ips so 510 hosts. and can make 4 subnets out of the /21
Anonymous


Adhithya 8/11/2022 12:27:00 AM

beautiful test engine software and very helpful. questions are same as in the real exam. i passed my paper.
UNITED ARAB EMIRATES


SuckerPumch88 4/25/2022 10:24:00 AM

the questions are exactly the same in real exam. just make sure not to answer all them correct or else they suspect you are cheating.
UNITED STATES


soheib 7/24/2023 7:05:00 PM

question: 78 the right answer i think is d not a
Anonymous