312-49 ECCouncil Computer Hacking Forensic Investigator (V9) Exam

Computer Hacking Forensic Investigator Certification
Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks.

Computer crime in today’s cyber world is on the rise. Computer Investigation techniques are being used by police, government and corporate entities globally and many of them turn to EC-Council for our Computer Hacking Forensic Investigator CHFI Certification Program.

Computer Security and Computer investigations are changing terms. More tools are invented daily for conducting Computer Investigations, be it computer crime, digital forensics, computer investigations, or even standard computer data recovery. The tools and techniques covered in EC-Council’s CHFI program will prepare the student to conduct computer investigations using groundbreaking digital forensics technologies.
Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information known as computer data recovery.

The purpose of the CHFI credential is to:
Validate the candidate’s skills to identify an intruder’s footprints and to properly gather the necessary evidence to prosecute in the court of law.

About the Exam
Number of Questions: 150
Test Duration: 4 Hours
Test Format: Multiple Choice
Test Delivery: ECC EXAM
Exam Prefix: 312-49 (ECC EXAM)

Passing Score
In order to maintain the high integrity of our certifications exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has “real world” applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.


QUESTION 1
When an investigator contacts by telephone the domain administrator or controller listed by a Who is lookup to
request all e-mails sent and received for a user account be preserved, what U.S.C. statute authorizes this
phone call and obligates the ISP to preserve e-mail records?

A. Title 18, Section 1030
B. Title 18, Section 2703(d)
C. Title 18, Section Chapter 90
D. Title 18, Section 2703(f)

Answer: D
Section: (none)
Explanation
Explanation/Reference:


QUESTION 2
Item 2If you come across a sheepdip machine at your client site, what would you infer?

A. A sheepdip coordinates several honeypots
B. A sheepdip computer is another name for a honeypot
C. A sheepdip computer is used only for virus-checking.
D. A sheepdip computer defers a denial of service attack

Answer: C
Section: (none)
Explanation
Explanation/Reference:


QUESTION 3
In a computer forensics investigation, what describes the route that evidence takes from the time you find it
until the case is closed or goes to court?

A. rules of evidence
B. law of probability
C. chain of custody
D. policy of separation

Answer: C
Section: (none)
Explanation
Explanation/Reference:


QUESTION 4
How many characters long is the fixed-length MD5 algorithm checksum of a critical system file?

A. 128
B. 64
C. 32
D. 16

Answer: C
Section: (none)
Explanation
Explanation/Reference:


QUESTION 5
You are working on a thesis for your doctorate degree in Computer Science. Your thesis is based on HTML,
DHTML, and other web-based languages and how they have evolved over the years.
You navigate to archive. org and view the HTML code of news.com. You then navigate to the current
news.com website and copy over the source code. While searching through the code, you come across
something abnormal: What have you found?

A. Web bug
B. CGI code
C. Trojan.downloader
D. Blind bug

Answer: A
Section: (none)
Explanation
Explanation/Reference:

Click here to view complete Q&A of CHFI 312-49 exam
Certkingdom Review
, Certkingdom PDF Torrents

MCTS Training, MCITP Trainnig

Best CHFI 312-49 Certification, CHFI 312-49 Training at certkingdom.com

312-49 ECCouncil Computer Hacking Forensic Investigator (V9) Exam
Scroll to top