New Release CFR-410 CyberSec First Responder Questions

Page: 9 / 14
Total 180 questions

CyberSec First Responder (CFR) Exam Questions and Answers

Question 33

If an organization suspects criminal activity during the response to an incident, when should they notify law enforcement authorities?

Options:

A. After one day of network downtime.

B. According to a pre-defined cost threshold.

C. As soon as criminal activity is suspected.

D. After the criminal activity is confirmed.

Question 34

After successfully enumerating the target, the hacker determines that the victim is using a firewall. Which of the following techniques would allow the hacker to bypass the intrusion prevention system (IPS)?

Options:

A. Stealth scanning

B. Xmas scanning

C. FINS scanning

D. Port scanning

Question 35

During a malware-driven distributed denial of service attack, a security researcher found excessive requests to a name server referring to the same domain name and host name encoded in hexadecimal. The malware author used which type of command and control?

Options:

A. Internet Relay Chat (IRC)

B. Dnscat2

C. Custom channel

D. File Transfer Protocol (FTP)

Question 36

A security operations center (SOC) analyst observed an unusually high number of login failures on a particular database server. The analyst wants to gather supporting evidence before escalating the observation to management. Which of the following expressions will provide login failure data for 11/24/2015?

Options:

A. grep 20151124 security_log | grep -c "login failure"

B. grep 20150124 security_log | grep "login_failure"

C. grep 20151124 security_log | grep "login"

D. grep 20151124 security_log | grep -c "login"
