Computer Hacking Forensic Investigator (CHFI) v9 (312-49v9) - EC Council Actual Exam Questions
Last updated on May 13, 2026
Which program uses different techniques to conceal a malware's code, thereby making it difficult for security mechanisms to detect or remove it?
Dropper
Packer
Injector
Obfuscator
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
The ____________________ refers to handing over the results of private investigations to the authorities because of indications of criminal activity.
Locard Exchange Principle
Clark Standard
Kelly Policy
Silver-Platter Doctrine
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Which one of the following is not a first response procedure?
Preserve volatile data
Fill forms
Crack passwords
Take photos
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
CAN-SPAM act requires that you:
Don’t use deceptive subject lines
Don’t tell the recipients where you are located
Don’t identify the message as an ad
Don’t use true header information
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Smith, a network administrator with a large MNC, was the first to arrive at a suspected crime scene involving criminal use of compromised computers. What should be his first response while maintaining the integrity of evidence?
Record the system state by taking photographs of physical system and the display
Perform data acquisition without disturbing the state of the systems
Open the systems, remove the hard disk and secure it
Switch off the systems and carry them to the laboratory
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Finish Practice?
Are you sure you want to finish? This will end your practice session.