EC-Council 312-49v10 Computer Hacking Forensic Investigator (CHFI-v10) Online Training
The questions for 312-49v10 were last updated on Sep 06, 2025.
- Exam Code: 312-49v10
- Exam Name: Computer Hacking Forensic Investigator (CHFI-v10)
- Certification Provider: EC-Council
- Latest update: Sep 06, 2025
You are a computer forensics investigator working with the local police department and you are called to assist in an investigation of threatening emails. The complainant has printed out 27 email messages from the suspect and gives the printouts to you. You inform her that you will need to examine her computer because you need access to the _________________________ in order to track the emails back to the suspect.
- A . Routing Table
- B . Firewall log
- C . Configuration files
- D . Email Header
What is a good security method to prevent unauthorized users from "tailgating"?
- A . Man trap
- B . Electronic combination locks
- C . Pick-resistant locks
- D . Electronic key systems
You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using ldp.exe.
What are you trying to accomplish here?
- A . Poison the DNS records with false records
- B . Enumerate MX and A records from DNS
- C . Establish a remote connection to the Domain Controller
- D . Enumerate domain user accounts and built-in groups
Which of the following is NOT a graphics file?
- A . Picture1.tga
- B . Picture2.bmp
- C . Picture3.nfo
- D . Picture4.psd
You are the security analyst working for a private company out of France. Your current assignment is to obtain credit card information from a Swiss bank owned by that company. After initial reconnaissance, you discover that the bank's security defenses are very strong and would take too long to penetrate. You decide to get the information by monitoring the traffic between the bank and one of its subsidiaries in London. After monitoring some of the traffic, you see a lot of FTP packets traveling back and forth. You want to sniff the traffic and extract usernames and passwords.
What tool could you use to get this information?
- A . Airsnort
- B . Snort
- C . Ettercap
- D . RaidSniff
In conducting a computer abuse investigation, you become aware that the suspect of the investigation is using ABC Company as his Internet Service Provider (ISP). You contact the ISP and request that they provide you assistance with your investigation.
What assistance can the ISP provide?
- A . The ISP can investigate anyone using their service and can provide you with assistance
- B . The ISP can investigate computer abuse committed by their employees, but must preserve the privacy of their customers and therefore cannot assist you without a warrant
- C . The ISP can’t conduct any type of investigations on anyone and therefore can’t assist you
- D . ISPs never maintain log files so they would be of no use to your investigation
What header field in the TCP/IP protocol stack involves the hacker exploit known as the Ping of Death?
- A . ICMP header field
- B . TCP header field
- C . IP header field
- D . UDP header field
What should you do when approached by a reporter about a case that you are working on or have worked on?
- A . Refer the reporter to the attorney that retained you
- B . Say, "no comment"
- C . Answer all the reporter’s questions as completely as possible
- D . Answer only the questions that help your case
A law enforcement officer may only search for and seize criminal evidence with _______________________, which are facts or circumstances that would lead a reasonable person to believe a crime has been committed or is about to be committed, evidence of the specific crime exists, and the evidence of the specific crime exists at the place to be searched.
- A . Mere Suspicion
- B . A preponderance of the evidence
- C . Probable cause
- D . Beyond a reasonable doubt
You are using DriveSpy, a forensic tool, and want to copy 150 sectors where the starting sector is 1709 on the primary hard drive.
Which of the following formats correctly specifies these sectors?
- A . 0:1000, 150
- B . 0:1709, 150
- C . 1:1709, 150
- D . 0:1709-1858