
CyberSec First Responder CFR-210 Logical Operations Study Notes

Page: 3 / 4
Total 100 questions

Logical Operations CyberSec First Responder Questions and Answers

Question 9

A DMZ web server has been compromised. During the log review, the incident responder wants to parse all common internal Class A addresses from the log. Which of the following commands should the responder use to accomplish this?

Options:

A. grep -x"(10.[0-9]+.[0-9]+.[0-9]+)" etc/rc.d/apache2/access.log | output.txt

B. grep -x"(192.168.[0.9]+[0-9])" bin/apache2/access.log | output.txt

C. grep -v"(10.[0-9]+.[0-9]+.[0-9]+)" /var/log/apache2/access.log > output.txt

D. grep -v"(192.168.[0.9]+[0-9]+)" /var/log/apache2/access.log > output.txt

Question 10

Network engineering has reported low bandwidth during working hours. The incident response team is currently investigating several anomalous activities that may be related. Which of the following is the MOST appropriate method to further investigate this problem?

Options:

A. Collecting and analyzing computer logs

B. Imaging hard disk drives of computers on the network

C. Capturing network traffic and packet analysis

D. Penetration testing and port scanning

Question 11

An organization’s firewall has recently been bombarded with an excessive amount of failed requests. A security analyst has been tasked with providing metrics on any failed attempts to ports above 1000. Which of the following regular expressions will work BEST to identify an IP address with the desired port range?

Options:

A. /\b^(?\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):({4,5}\d+)\b/

B. /\b^(?\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):([4]\D+)\b/

C. /\b^(?\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):([4]\d+)\b/

D. /\b^(?\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):(\d{1,5})\b/

Question 12

Which of the following technologies is used as mitigation to XSS attacks?

Options:

A. Intrusion prevention

B. Proxy filtering

C. Web application firewall

D. Intrusion detection
