CFR-410試験無料問題集（100題）「CertNexus CyberSec First Responder 認定」

出題：1

The incident response team has completed root cause analysis for an incident. Which of the following actions should be taken in the next phase of the incident response process? (Choose two.)

A. Providing a briefing to management

B. Investigating responsible staff

C. Updating policies and procedures

D. Drafting a recovery plan for the incident

E. Training staff for future incidents

正解：C,D 解答を投票する

出題：2

Which of the following, when exposed together, constitutes PII? (Choose two.)

A. Full name

B. Employment status

C. Marital status

D. Account balance

E. Birth date

正解：A,D 解答を投票する

出題：3

A security administrator is investigating a compromised host. Which of the following commands could the investigator use to display executing processes in real time?

A. ps

B. nice

C. pstree

D. top

正解：D 解答を投票する

出題：4

If a hacker is attempting to alter or delete system audit logs, in which of the following attack phases is the hacker involved?

A. Performing reconnaissance

B. Expanding access

C. Covering tracks

D. Gaining persistence

正解：C 解答を投票する

出題：5

An organization recently suffered a data breach involving a server that had Transmission Control Protocol (TCP) port 1433 inadvertently exposed to the Internet. Which of the following services was vulnerable?

A. Network Basic Input/Output System (NetBIOS)

B. Network Time Protocol (NTP)

C. Database

D. Internet Message Access Protocol (IMAP)

正解：C 解答を投票する

出題：6

A security operations center (SOC) analyst observed an unusually high number of login failures on a particular database server. The analyst wants to gather supporting evidence before escalating the observation to management. Which of the following expressions will provide login failure data for 11/24/2015?

A. grep 20151124 security_log | grep "login"

B. grep 20150124 security_log | grep "login_failure"

C. grep 20151124 security_log | grep -c "login"

D. grep 20151124 security_log | grep -c "login failure"

正解：A 解答を投票する

出題：7

Which of the following are part of the hardening phase of the vulnerability assessment process? (Choose two.)

A. Generating reports

B. Conducting audits

C. Documenting exceptions

D. Installing patches

E. Updating configurations

正解：D,E 解答を投票する

出題：8

A company has noticed a trend of attackers gaining access to corporate mailboxes. Which of the following would be the BEST action to take to plan for this kind of attack in the future?

A. Hardening the Microsoft Exchange Server

B. Conducting security awareness training

C. Auditing account password complexity

D. Scanning email server for vulnerabilities

正解：D 解答を投票する

出題：9

A company website was hacked via the following SQL query:
email, passwd, login_id, full_name FROM members
WHERE email = "[email protected]"; DROP TABLE members; -"
Which of the following did the hackers perform?

A. Performed a cross-site scripting (XSS) attack

B. Deleted the email password and login details

C. Cleared tracks of [email protected] entries

D. Deleted the entire members table

正解：B 解答を投票する

出題：10

A system administrator identifies unusual network traffic from outside the local network. Which of the following is the BEST method for mitigating the threat?

A. Packet capturing

B. Port blocking

C. Malware scanning

D. Content filtering

正解：A 解答を投票する

CFR-410試験無料問題集「CertNexus CyberSec First Responder 認定」