New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium CertNexus CFR-410 Dumps Questions Answers

Page: 1 / 4
Total 100 questions

CyberSec First Responder Questions and Answers

Question 1

After a hacker obtained a shell on a Linux box, the hacker then sends the exfiltrated data via Domain Name System (DNS). This is an example of which type of data exfiltration?

Options:

A.

Covert channels

B.

File sharing services

C.

Steganography

D.

Rogue service

Buy Now
Question 2

It was recently discovered that many of an organization’s servers were running unauthorized cryptocurrency mining software. Which of the following assets were being targeted in this attack? (Choose two.)

Options:

A.

Power resources

B.

Network resources

C.

Disk resources

D.

Computing resources

E.

Financial resources

Question 3

An incident responder discovers that the CEO logged in from their New York City office and then logged in from a location in Beijing an hour later. The incident responder suspects that the CEO’s account has been

compromised. Which of the following anomalies MOST likely contributed to the incident responder’s suspicion?

Options:

A.

Geolocation

B.

False positive

C.

Geovelocity

D.

Advanced persistent threat (APT) activity

Question 4

A company that maintains a public city infrastructure was breached and information about future city projects was leaked. After the post-incident phase of the process has been completed, which of the following would be

PRIMARY focus of the incident response team?

Options:

A.

Restore service and eliminate the business impact.

B.

Determine effective policy changes.

C.

Inform the company board about the incident.

D.

Contact the city police for official investigation.

Question 5

A security investigator has detected an unauthorized insider reviewing files containing company secrets.

Which of the following commands could the investigator use to determine which files have been opened by this user?

Options:

A.

ls

B.

lsof

C.

ps

D.

netstat

Question 6

During which phase of a vulnerability assessment would a security consultant need to document a requirement to retain a legacy device that is no longer supported and cannot be taken offline?

Options:

A.

Conducting post-assessment tasks

B.

Determining scope

C.

Identifying critical assets

D.

Performing a vulnerability scan

Question 7

A company has noticed a trend of attackers gaining access to corporate mailboxes. Which of the following

would be the BEST action to take to plan for this kind of attack in the future?

Options:

A.

Scanning email server for vulnerabilities

B.

Conducting security awareness training

C.

Hardening the Microsoft Exchange Server

D.

Auditing account password complexity

Question 8

Which of the following are part of the hardening phase of the vulnerability assessment process? (Choose two.)

Options:

A.

Installing patches

B.

Updating configurations

C.

Documenting exceptions

D.

Conducting audits

E.

Generating reports

Question 9

A common formula used to calculate risk is:+ Threats + Vulnerabilities = Risk. Which of the following represents the missing factor in this formula?

Options:

A.

Exploits

B.

Security

C.

Asset

D.

Probability

Question 10

Tcpdump is a tool that can be used to detect which of the following indicators of compromise?

Options:

A.

Unusual network traffic

B.

Unknown open ports

C.

Poor network performance

D.

Unknown use of protocols

Question 11

An attacker intercepts a hash and compares it to pre-computed hashes to crack a password. Which of the following methods has been used?

Options:

A.

Password sniffing

B.

Brute force attack

C.

Rainbow tables

D.

Dictionary attack

Question 12

During the forensic analysis of a compromised computer image, the investigator found that critical files are missing, caches have been cleared, and the history and event log files are empty. According to this scenario, which of the following techniques is the suspect using?

Options:

A.

System hardening techniques

B.

System optimization techniques

C.

Defragmentation techniques

D.

Anti-forensic techniques

Question 13

Which of the following could be useful to an organization that wants to test its incident response procedures without risking any system downtime?

Options:

A.

Blue team exercise

B.

Business continuity exercise

C.

Tabletop exercise

D.

Red team exercise

Question 14

Which of the following is the FIRST step taken to maintain the chain of custody in a forensic investigation?

Options:

A.

Security and evaluating the electronic crime scene.

B.

Transporting the evidence to the forensics lab

C.

Packaging the electronic device

D.

Conducting preliminary interviews

Question 15

An automatic vulnerability scan has been performed. Which is the next step of the vulnerability assessment process?

Options:

A.

Hardening the infrastructure

B.

Documenting exceptions

C.

Assessing identified exposures

D.

Generating reports

Page: 1 / 4
Total 100 questions