Computer Hacking Forensic Investigator

Here you have the best ECCouncil 312-49v11 practice exam questions

You have 150 total questions across 30 pages (5 per page)
These questions were last updated on February 20, 2026
This site is not affiliated with or endorsed by ECCouncil.

Question 1 of 150

A suspect is accused of violating the acceptable use of computing resources, as he has visited adult websites and downloaded images. The investigator wants to demonstrate that the suspect did indeed visit these sites. However, the suspect has cleared the search history and emptied the cookie cache. Moreover, he has removed any images he might have downloaded. What can the investigator do to prove the violation?

Image the disk and try to recover deleted files

Seek the help of co-workers who are eye-witnesses

Check the Windows registry for connection data (you may or may not recover)

Approach the website's administrator for evidence

Question 2 of 150

You have been asked to investigate the possibility of computer fraud in the finance department of a company. It is suspected that a staff member has been committing finance fraud by printing cheques that have not been authorized. You have exhaustively searched all data files on a bitmap image of the target computer, but have found no evidence. You suspect the files may not have been saved. What should you examine next in this case?

The registry

The swap file

The recycle bin

The metadata

Question 3 of 150

Which of the following are small pieces of data sent from a website and stored on the user’s computer by the user’s web browser to track, validate, and maintain specific user information?

Temporary Files

Open files

Web Browser Cache

Question 4 of 150

Depending upon the jurisdictional areas, different laws apply to different incidents. Which of the following law is related to fraud and related activity in connection with computers?

18 USC §1029

18 USC §1030

18 USC §1361

18 USC §1371

Question 5 of 150

Data is striped at a byte level across multiple drives, and parity information is distributed among all member drives.
Exam 312-49v11: Question 5 - Image 1

What RAID level is represented here?

RAID Level 0

RAID Level 5

RAID Level 3

RAID Level 1

About the ECCouncil 312-49v11 Certification Exam

About the Exam

The ECCouncil 312-49v11 (Computer Hacking Forensic Investigator) validates your knowledge and skills. Passing demonstrates proficiency and can boost your career prospects in the field.

How to Prepare

Work through all 150 practice questions across 30 pages. Focus on understanding the reasoning behind each answer rather than memorizing responses to be ready for any variation on the real exam.

Why Practice Exams?

Practice exams help you familiarize yourself with the question format, manage your time, and reduce anxiety on the test day. Our 312-49v11 questions are regularly updated to reflect the latest exam objectives.