Labour Day Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

 
Home > CertNexus > CyberSec First Responder > CFR-410

CFR-410 CyberSec First Responder (CFR) Exam Question and Answers

Question # 4

As part of an organization’s regular maintenance activities, a security engineer visits the Internet Storm Center advisory page to obtain the latest list of blacklisted host/network addresses. The security engineer does this to perform which of the following activities?

A.

Update the latest proxy access list

B.

Monitor the organization’s network for suspicious traffic

C.

Monitor the organization’s sensitive databases

D.

Update access control list (ACL) rules for network devices

Full Access
Question # 5

If a hacker is attempting to alter or delete system audit logs, in which of the following attack phases is the hacker involved?

A.

Covering tracks

B.

Expanding access

C.

Gaining persistence

D.

Performing reconnaissance

Full Access
Question # 6

An unauthorized network scan may be detected by parsing network sniffer data for:

A.

IP traffic from a single IP address to multiple IP addresses.

B.

IP traffic from a single IP address to a single IP address.

C.

IP traffic from multiple IP addresses to a single IP address.

D.

IP traffic from multiple IP addresses to other networks.

Full Access
Question # 7

To minimize vulnerability, which steps should an organization take before deploying a new Internet of Things (IoT) device? (Choose two.)

A.

Changing the default password

B.

Updating the device firmware

C.

Setting up new users

D.

Disabling IPv6

E.

Enabling the firewall

Full Access
Question # 8

A user receives an email about an unfamiliar bank transaction, which includes a link. When clicked, the link redirects the user to a web page that looks exactly like their bank’s website and asks them to log in with their username and password. Which type of attack is this?

A.

Whaling

B.

Smishing

C.

Vishing

D.

Phishing

Full Access
Question # 9

Which of the following methods are used by attackers to find new ransomware victims? (Choose two.)

A.

Web crawling

B.

Distributed denial of service (DDoS) attack

C.

Password guessing

D.

Phishing

E.

Brute force attack

Full Access
Question # 10

During a security investigation, a suspicious Linux laptop is found in the server room. The laptop is processing information and indicating network activity. The investigator is preparing to launch an investigation to

determine what is happening with this laptop. Which of the following is the MOST appropriate set of Linux commands that should be executed to conduct the investigation?

A.

iperf, traceroute, whois, ls, chown, cat

B.

iperf, wget, traceroute, dc3dd, ls, whois

C.

lsof, chmod, nano, whois, chown, ls

D.

lsof, ifconfig, who, ps, ls, tcpdump

Full Access
Question # 11

An incident responder has collected network capture logs in a text file, separated by five or more data fields.

Which of the following is the BEST command to use if the responder would like to print the file (to terminal/ screen) in numerical order?

A.

cat | tac

B.

more

C.

sort –n

D.

less

Full Access
Question # 12

In which of the following attack phases would an attacker use Shodan?

A.

Scanning

B.

Reconnaissance

C.

Gaining access

D.

Persistence

Full Access
Question # 13

Which of the following would MOST likely make a Windows workstation on a corporate network vulnerable to remote exploitation?

A.

Disabling Windows Updates

B.

Disabling Windows Firewall

C.

Enabling Remote Registry

D.

Enabling Remote Desktop

Full Access
Question # 14

An incident responder was asked to analyze malicious traffic. Which of the following tools would be BEST for this?

A.

Hex editor

B.

tcpdump

C.

Wireshark

D.

Snort

Full Access
Question # 15

An automatic vulnerability scan has been performed. Which is the next step of the vulnerability assessment process?

A.

Hardening the infrastructure

B.

Documenting exceptions

C.

Assessing identified exposures

D.

Generating reports

Full Access
Copyright myexamcollection.com. All Right Reserved.