CFR-310 Online Practice Questions and Answers

Questions 4

A network security analyst has noticed a flood of Simple Mail Transfer Protocol (SMTP) traffic to internal clients. SMTP traffic should only be allowed to email servers. Which of the following commands would stop this attack? (Choose two.)

A. iptables -A INPUT -p tcp --dport 25 -d x.x.x.x -j ACCEPT

B. iptables -A INPUT -p tcp --sport 25 -d x.x.x.x -j ACCEPT

C. iptables -A INPUT -p tcp --dport 25 -j DROP

D. iptables -A INPUT -p tcp --destination-port 21 -j DROP

E. iptables -A FORWARD -p tcp --dport 6881:6889 -j DROP

Questions 5

Which of the following characteristics of a web proxy strengthens cybersecurity? (Choose two.)

A. Increases browsing speed

B. Filters unwanted content

C. Limits direct connection to Internet

D. Caches frequently-visited websites

E. Decreases wide area network (WAN) traffic

Questions 6

A network administrator has determined that network performance has degraded due to excessive use of social media and Internet streaming services. Which of the following would be effective for limiting access to these types of services, without completely restricting access to a site?

A. Whitelisting

B. Web content filtering

C. Network segmentation

D. Blacklisting

Questions 7

A security investigator has detected an unauthorized insider reviewing files containing company secrets. Which of the following commands could the investigator use to determine which files have been opened by this user?

A. ls

B. lsof

C. ps

D. netstat

Questions 8

In which of the following attack phases would an attacker use Shodan?

A. Scanning

B. Reconnaissance

C. Gaining access

D. Persistence

Questions 9

A user receives an email about an unfamiliar bank transaction, which includes a link. When clicked, the link redirects the user to a web page that looks exactly like their bank's website and asks them to log in with their username and password. Which type of attack is this?

A. Whaling

B. Smishing

C. Vishing

D. Phishing

Questions 10

A company has noticed a trend of attackers gaining access to corporate mailboxes. Which of the following would be the BEST action to take to plan for this kind of attack in the future?

A. Scanning email server for vulnerabilities

B. Conducting security awareness training

C. Hardening the Microsoft Exchange Server

D. Auditing account password complexity

Questions 11

Which of the following is a method of reconnaissance in which a ping is sent to a target with the expectation of receiving a response?

A. Active scanning

B. Passive scanning

C. Network enumeration

D. Application enumeration

Questions 12

A security engineer is setting up security information and event management (SIEM). Which of the following log sources should the engineer include that will contain indicators of a possible web server compromise? (Choose two.)

A. NetFlow logs

B. Web server logs

C. Domain controller logs

D. Proxy logs

E. FTP logs

Questions 13

An incident response team is concerned with verifying the integrity of security information and event management (SIEM) events after being written to disk. Which of the following represents the BEST option for addressing this concern?

A. Time synchronization

B. Log hashing

C. Source validation

D. Field name consistency

Questions 14

Organizations considered "covered entities" are required to adhere to which compliance requirement?

A. Health Insurance Portability and Accountability Act of 1996 (HIPAA)

B. Payment Card Industry Data Security Standard (PCI DSS)

C. Sarbanes-Oxley Act (SOX)

D. International Organization for Standardization (ISO) 27001

Questions 15

An incident at a government agency has occurred and the following actions were taken:

- Users have regained access to email accounts

- Temporary VPN services have been removed

- Host-based intrusion prevention system (HIPS) and antivirus (AV) signatures have been updated

- Temporary email servers have been decommissioned

Which of the following phases of the incident response process match the actions taken?

A. Containment

B. Post-incident

C. Recovery

D. Identification

Questions 16

Which of the following is the FIRST step taken to maintain the chain of custody in a forensic investigation?

A. Securing and evaluating the electronic crime scene

B. Transporting the evidence to the forensics lab

C. Packaging the electronic device

D. Conducting preliminary interviews

Questions 17

While planning a vulnerability assessment on a computer network, which of the following is essential? (Choose two.)

A. Identifying exposures

B. Identifying critical assets

C. Establishing scope

D. Running scanning tools

E. Installing antivirus software

Questions 18

Which of the following is susceptible to a cache poisoning attack?

A. Domain Name System (DNS)

B. Secure Shell (SSH)

C. Hypertext Transfer Protocol Secure (HTTPS)

D. Hypertext Transfer Protocol (HTTP)

Exam Code: CFR-310
Exam Name: CyberSec First Responder
Last Update: Mar 19, 2024
Questions: 100 Q&As
