CyberSec First Responder CFR-310 Practice Test Questions

CyberSec First Responder® (CFR) is a comprehensive certification designed to validate the knowledge and skills required to protect these critical information systems before, during, and after an incident. The CyberSec First Responder™ exam will certify that the successful candidate has the knowledge, skills, and abilities required to deal with a changing threat landscape and will be able to assess risk and vulnerabilities, acquire data, perform analysis, continuously communicate, determine scope, recommend remediation actions, and accurately report results.

At PassQuestion we strive to give you what you need to pass the CFR-310 exam successfully. We aim to provide the CyberSec First Responder CFR-310 Practice Test Questions that are actually required for the CFR-310 exam. With the help of the PassQuestion CyberSec First Responder CFR-310 Practice Test Questions, you can pass your CertNexus CFR-310 certification exam on your first attempt. PassQuestion CyberSec First Responder CFR-310 Practice Test Questions are composed by contemporary and dynamic Information Technology experts, who use their knowledge and experience to prepare you for your future in IT.

1. A network security analyst has noticed a flood of Simple Mail Transfer Protocol (SMTP) traffic to internal clients. SMTP traffic should only be allowed to email servers.

Which of the following commands would stop this attack? (Choose two.)

 
 
 
 
 

2. A secretary receives an email from a friend with a picture of a kitten in it. The secretary forwards it to the ~COMPANYWIDE mailing list and, shortly thereafter, users across the company receive the following message:

“You seem tense. Take a deep breath and relax!”

The incident response team is activated and opens the picture in a virtual machine to test it. After a short analysis, the following code is found in C:\Temp\chill.exe:

Powershell.exe –Command “do {(for /L %i in (2,1,254) do shutdown /r /m Error! Hyperlink reference not valid.> /f /t / 0 (/c “You seem tense. Take a deep breath and relax!”);Start-Sleep –s 900) } while(1)”

Which of the following BEST represents what the attacker was trying to accomplish?

 
 
 
 

3. A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also establishing a connection to IP 88.143.12.123.

Which of the following commands should the administrator use to capture only the traffic between the two hosts?

 
 
 
 

4. After imaging a disk as part of an investigation, a forensics analyst wants to hash the image using a tool that supports piecewise hashing.

Which of the following tools should the analyst use?

 
 
 
 

5. Which of the following is a cybersecurity solution for insider threats to strengthen information protection?

 
 
 
 

6. A security administrator is investigating a compromised host.

Which of the following commands could the investigator use to display executing processes in real time?

 
 
 
 

7. A system administrator identifies unusual network traffic from outside the local network.

Which of the following is the BEST method for mitigating the threat?

 
 
 
 

8. Which of the following technologies would reduce the risk of a successful SQL injection attack?

 
 
 
 

9. An incident responder has collected network capture logs in a text file, separated by five or more data fields.

Which of the following is the BEST command to use if the responder would like to print the file (to terminal/screen) in numerical order?

 
 
 
 

10. Which of the following characteristics of a web proxy strengthens cybersecurity? (Choose two.)

 
 
 
 
 
