최신 CFR-310 무료덤프 - CertNexus CyberSec First Responder (CFR)

문제1

After a hacker obtained a shell on a Linux box, the hacker then sends the exfiltrated data via Domain Name System (DNS). This is an example of which type of data exfiltration?

A. Rogue service

B. Steganography

C. Covert channels

D. File sharing services

정답: C

문제2

Which asset would be the MOST desirable for a financially motivated attacker to obtain from a health insurance company?

A. Transaction logs

B. PII/PHI

C. Intellectual property

D. Network architecture

정답: B

문제3

A system administrator identifies unusual network traffic from outside the local network. Which of the following is the BEST method for mitigating the threat?

A. Packet capturing

B. Port blocking

C. Content filtering

D. Malware scanning

정답: A

문제4

Which of the following security best practices should a web developer reference when developing a new web- based application?

A. Control Objectives for Information and Related Technology (COBIT)

B. Risk Management Framework (RMF)

C. Open Web Application Security Project (OWASP)

D. World Wide Web Consortium (W3C)

정답: C

문제5

While planning a vulnerability assessment on a computer network, which of the following is essential?
(Choose two.)

A. Identifying exposures

B. Running scanning tools

C. Establishing scope

D. Installing antivirus software

E. Identifying critical assets

정답: A,C

문제6

Which of the following characteristics of a web proxy strengthens cybersecurity? (Choose two.)

A. Increases browsing speed

B. Filters unwanted content

C. Limits direct connection to Internet

D. Decreases wide area network (WAN) traffic

E. Caches frequently-visited websites

정답: A,E

문제7

A company that maintains a public city infrastructure was breached and information about future city projects was leaked. After the post-incident phase of the process has been completed, which of the following would be PRIMARY focus of the incident response team?

A. Determine effective policy changes.

B. Restore service and eliminate the business impact.

C. Inform the company board about the incident.

D. Contact the city police for official investigation.

정답: A

문제8

The incident response team has completed root cause analysis for an incident. Which of the following actions should be taken in the next phase of the incident response process? (Choose two.)

A. Drafting a recovery plan for the incident

B. Updating policies and procedures

C. Investigating responsible staff

D. Providing a briefing to management

E. Training staff for future incidents

정답: A,B

문제9

A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also establishing a connection to IP 88.143.12.123. Which of the following commands should the administrator use to capture only the traffic between the two hosts?

A. # tcpdump -i eth0 host 88.143.12.123

B. # tcpdump -i eth0 src 88.143.12.123

C. # tcpdump -i eth0 host 192.168.10.121

D. # tcpdump -i eth0 dst 88.143.12.123

정답: D

문제10

Which of the following would MOST likely make a Windows workstation on a corporate network vulnerable to remote exploitation?

A. Disabling Windows Updates

B. Enabling Remote Desktop

C. Disabling Windows Firewall

D. Enabling Remote Registry

정답: B

최신 CFR-310 무료덤프 - CertNexus CyberSec First Responder (CFR)

우리와 연락하기

유용한 링크

최신 업데이트