File Info
| Exam | Computer Hacking Forensic Investigator |
| Number | 312-49v10 |
| File Name | ECCouncil.312-49v10.VCEplus.2021-10-05.117q.tqb |
| Size | 1 MB |
| Posted | Oct 05, 2021 |
| Download | ECCouncil.312-49v10.VCEplus.2021-10-05.117q.tqb |
How to open VCEX & EXAM Files?
Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.
Coupon: MASTEREXAM
With discount: 20%
Demo Questions
Question 1
What information do you need to recover when searching a victim’s computer for a crime committed with specific e-mail message?
- Internet service provider information
- E-mail header
- Username and password
- Firewall log
Correct answer: B
Question 2
Melanie was newly assigned to an investigation and asked to make a copy of all the evidence from the compromised system. Melanie did a DOS copy of all the files on the system.
What would be the primary reason for you to recommend a disk imaging tool?
- A disk imaging tool would check for CRC32s for internal self-checking and validation and have MD5 checksum
- Evidence file format will contain case data entered by the examiner and encrypted at the beginning of the evidence file
- A simple DOS copy will not include deleted files, file slack and other information
- There is no case for an imaging tool as it will use a closed, proprietary format that if compared to the original will not match up sector for sector
Correct answer: C
Question 3
You are employed directly by an attorney to help investigate an alleged sexual harassment case at a large pharmaceutical manufacture. While at the corporate office of the company, the CEO demands to know the status of the investigation. What prevents you from discussing the case with the CEO?
- the attorney-work-product rule
- Good manners
- Trade secrets
- ISO 17799
Correct answer: A
