EC-Council CHFI (312-49) Certification Sample Questions

CHFI Dumps, 312-49 Dumps, 312-49 PDF, CHFI VCE, EC-Council 312-49 VCE, , EC-Council CHFI v11 PDFThe purpose of this Sample Question Set is to provide you with information about the EC-Council Computer Hacking Forensic Investigator exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the 312-49 certification test. To get familiar with real exam environment, we suggest you try our Sample EC-Council CHFI Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual EC-Council Computer Hacking Forensic Investigator (CHFI) certification exam.

These sample questions are simple and basic questions that represent likeness to the real EC-Council 312-49 exam questions. To assess your readiness and performance with real time scenario based questions, we suggest you prepare with our Premium EC-Council CHFI Certification Practice Exam. When you solve real time scenario based questions practically, you come across many difficulties that give you an opportunity to improve.

EC-Council 312-49 Sample Questions:

01. Which of the following commands shows you all of the network services running on Windowsbased servers?
a) Net start
b) Net use
c) Net Session
d) Net share
 
02. Graphics Interchange Format (GIF) is a ___________RGB bitmap Image format for Images with up to 256 distinct colors per frame.
a) 16-bit
b) 8-bit
c) 24-bit
d) 32-bit
 
03. What is an investigator looking for in the rp.log file stored in a system running on Windows 10 operating system?
a) Restore point interval
b) Restore point functions
c) System CheckPoints required for restoring
d) Automatically created restore points
 
04. The first eight digits of an IMEI number that provide information about the model and origin of the mobile device are also known as:
a) Device Origin Code (DOC)
b) Manufacturer Identification Code (MIC)
c) Integrated Circuit Code (ICC)
d) Type Allocation Code (TAC)
 
05. Which of the following does not describe the type of data density on a hard disk?
a) Volume density
b) Track density
c) Linear or recording density
d) Areal density
 
06. Which of the following acquisition methods is recommended to retrieve only the data relevant to the investigation?
a) Static Acquisition
b) Bit-stream disk-to-disk Acquisition
c) Sparse or Logical Acquisition
d) Bit-by-bit Acquisition
 
07. What is the purpose of using Obfuscator in malware?
a) Propagate malware to other connected devices
b) Avoid encryption while passing through a VPN
c) Execute malicious code in the system
d) Avoid detection by security mechanisms
 
08. Which of the following files stores information about a local Google Drive installation such as user email ID, Local Sync Root Path, and client version installed?
a) config.db
b) sync_config.db
c) sigstore.db
d) filecache.db
 
09. In a Linux-based system, what does the command “Last -F” display?
a) Login and logout times and dates of the system
b) Last functions performed
c) Recently opened files
d) Last run processes deny
 
10. Which of the following email clients can be used to analyze DBX files?
a) Microsoft Outlook
b) Eudora
c) Mozilla Thunderbird
d) Microsoft Outlook Express

Answers:

Question: 01
Answer: a		 Question: 02
Answer: b		 Question: 03
Answer: c		 Question: 04
Answer: d		 Question: 05
Answer: a
Question: 06
Answer: c		 Question: 07
Answer: d		 Question: 08
Answer: b		 Question: 09
Answer: a		 Question: 10
Answer: d

Note: For any error in EC-Council Computer Hacking Forensic Investigator (CHFI) (312-49) certification exam sample questions, please update us by writing an email on feedback@edusum.com.

Rating: 4.8 / 5 (314 votes)