Computer Hacking Forensic Investigator

Here you have the best ECCouncil 312-49v11 practice exam questions

  • You have 150 total questions to study from
  • Each page has 5 questions, making a total of 30 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on January 5, 2026
  • This site is not affiliated with or endorsed by ECCouncil.
Question 1 of 150
A suspect is accused of violating the acceptable use of computing resources, as he has visited adult websites and downloaded images. The investigator wants to demonstrate that the suspect did indeed visit these sites. However, the suspect has cleared the search history and emptied the cookie cache. Moreover, he has removed any images he might have downloaded. What can the investigator do to prove the violation?
Correct Answer: A

Question 2 of 150
You have been asked to investigate the possibility of computer fraud in the finance department of a company. It is suspected that a staff member has been committing finance fraud by printing cheques that have not been authorized. You have exhaustively searched all data files on a bitmap image of the target computer, but have found no evidence. You suspect the files may not have been saved. What should you examine next in this case?
Correct Answer: B

Question 3 of 150
Which of the following are small pieces of data sent from a website and stored on the user’s computer by the user’s web browser to track, validate, and maintain specific user information?
Correct Answer: C

Question 4 of 150
Depending upon the jurisdictional areas, different laws apply to different incidents. Which of the following law is related to fraud and related activity in connection with computers?
Correct Answer: B

Question 5 of 150
Data is striped at a byte level across multiple drives, and parity information is distributed among all member drives.
Exam 312-49v11: Question 5 - Image 1
What RAID level is represented here?
Correct Answer: B