
100%合格、売れ筋最上位CFR-310試験材料は2022年最新のCertNexus練習試験合格させます
CertNexus Certification問題集でCFR-310試験完全版問題、試験学習ガイド
CertNexus CFR-310 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
質問 43
Which asset would be the MOST desirable for a financially motivated attacker to obtain from a health insurance company?
- A. Intellectual property
- B. PII/PHI
- C. Transaction logs
- D. Network architecture
正解: B
質問 44
An attacker intercepts a hash and compares it to pre-computed hashes to crack a password. Which of the following methods has been used?
- A. Password sniffing
- B. Rainbow tables
- C. Dictionary attack
- D. Brute force attack
正解: B
質問 45
A security analyst is required to collect detailed network traffic on a virtual machine. Which of the following tools could the analyst use?
- A. fport
- B. WinDump
- C. netstat
- D. nbtstat
正解: C
質問 46
When attempting to determine which system or user is generating excessive web traffic, analysis of which of the following would provide the BEST results?
- A. Browser logs
- B. System logs
- C. Proxy logs
- D. HTTP logs
正解: C
質問 47
A web server is under a denial of service (DoS) attack. The administrator reviews logs and creates an access control list (ACL) to stop the attack. Which of the following technologies could perform these steps automatically in the future?
- A. Intrusion prevention system (IPS)
- B. Whitelisting
- C. Intrusion detection system (IDS)
- D. Blacklisting
正解: C
解説:
Explanation/Reference: https://www.ciscopress.com/articles/article.asp?p=345618
質問 48
Which of the following describes United States federal government cybersecurity policies and guidelines?
- A. ANSI
- B. NERC
- C. GDPR
- D. NIST
正解: D
解説:
Explanation/Reference: https://www.gsa.gov/technology/government-it-initiatives/cybersecurity/cybersecurity-programs- policy
質問 49
Which of the following technologies would reduce the risk of a successful SQL injection attack?
- A. Stateful firewall
- B. Web content filtering
- C. Reverse proxy
- D. Web application firewall
正解: D
解説:
Explanation/Reference: http://www.enterprisenetworkingplanet.com/netsecur/article.php/3866756/10-Ways-to-Prevent-or- Mitigate-SQL-Injection-Attacks.htm
質問 50
It was recently discovered that many of an organization's servers were running unauthorized cryptocurrency mining software. Which of the following assets were being targeted in this attack? (Choose two.)
- A. Computing resources
- B. Network resources
- C. Power resources
- D. Disk resources
- E. Financial resources
正解: B,C
解説:
Explanation/Reference: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/security-101- the-impact-of-cryptocurrency-mining-malware
質問 51
Which of the following would MOST likely make a Windows workstation on a corporate network vulnerable to remote exploitation?
- A. Disabling Windows Updates
- B. Enabling Remote Registry
- C. Disabling Windows Firewall
- D. Enabling Remote Desktop
正解: D
質問 52
During a malware-driven distributed denial of service attack, a security researcher found excessive requests to a name server referring to the same domain name and host name encoded in hexadecimal. The malware author used which type of command and control?
- A. Dnscat2
- B. File Transfer Protocol (FTP)
- C. Internet Relay Chat (IRC)
- D. Custom channel
正解: B
質問 53
Which of the following is susceptible to a cache poisoning attack?
- A. Domain Name System (DNS)
- B. Hypertext Transfer Protocol Secure (HTTPS)
- C. Hypertext Transfer Protocol (HTTP)
- D. Secure Shell (SSH)
正解: A
質問 54
Network infrastructure has been scanned and the identified issues have been remediated. What is the next step in the vulnerability assessment process?
- A. Conducting an audit
- B. Establishing scope
- C. Generating reports
- D. Assessing exposures
正解: A
質問 55
The incident response team has completed root cause analysis for an incident. Which of the following actions should be taken in the next phase of the incident response process? (Choose two.)
- A. Training staff for future incidents
- B. Investigating responsible staff
- C. Providing a briefing to management
- D. Updating policies and procedures
- E. Drafting a recovery plan for the incident
正解: D,E
質問 56
A company has noticed a trend of attackers gaining access to corporate mailboxes. Which of the following would be the BEST action to take to plan for this kind of attack in the future?
- A. Scanning email server for vulnerabilities
- B. Auditing account password complexity
- C. Conducting security awareness training
- D. Hardening the Microsoft Exchange Server
正解: A
質問 57
Organizations considered "covered entities" are required to adhere to which compliance requirement?
- A. Payment Card Industry Data Security Standard (PCI DSS)
- B. Health Insurance Portability and Accountability Act of 1996 (HIPAA)
- C. Sarbanes-Oxley Act (SOX)
- D. International Organization for Standardization (ISO) 27001
正解: B
解説:
Explanation/Reference: https://www.hhs.gov/hipaa/for-professionals/faq/190/who-must-comply-with-hipaa-privacy- standards/index.html
質問 58
In which of the following attack phases would an attacker use Shodan?
- A. Gaining access
- B. Scanning
- C. Reconnaissance
- D. Persistence
正解: B
解説:
Explanation/Reference: https://books.google.com.pk/books?id=3bzPDwAAQBAJ&pg=PA41&lpg=PA41&dq=attack
+phases+would+an+attacker+use
+Shodan&source=bl&ots=phUbfR8BOY&sig=ACfU3U1sg5J67s_sL_Ixpr3OiqdCIraKUw&hl=en&sa=X&ved
=2ahUKEwjazaKCssXpAhUC4YUKHcJ5CVwQ6AEwAXoECBMQAQ#v=onepage&q=attack%20phases%
20would%20an%20attacker%20use%20Shodan&f=false
質問 59
Tcpdump is a tool that can be used to detect which of the following indicators of compromise?
- A. Unusual network traffic
- B. Poor network performance
- C. Unknown open ports
- D. Unknown use of protocols
正解: A
質問 60
Which of the following is the GREATEST risk of having security information and event management (SIEM) collect computer names with older log entries?
- A. Domain Name System (DNS) records may have changed since the log was created.
- B. The computer name may not be admissible evidence in court.
- C. There may be field name duplication when combining log files.
- D. There may be duplicate computer names on the network.
正解: C
質問 61
An incident responder was asked to analyze malicious traffic. Which of the following tools would be BEST for this?
- A. Hex editor
- B. Snort
- C. Wireshark
- D. tcpdump
正解: C
解説:
Explanation/Reference: https://resources.infosecinstitute.com/category/certifications-training/network-traffic-analysis- for-incident-response/threat-intelligence-collection-and-analysis/analyzing-fileless-malware/#gref
質問 62
A system administrator identifies unusual network traffic from outside the local network. Which of the following is the BEST method for mitigating the threat?
- A. Content filtering
- B. Port blocking
- C. Malware scanning
- D. Packet capturing
正解: D
質問 63
Which of the following are legally compliant forensics applications that will detect an alternative data stream (ADS) or a file with an incorrect file extension? (Choose two.)
- A. Write blocker
- B. dd
- C. EnCase
- D. Disk duplicator
- E. Forensic Toolkit (FTK)
正解: C,E
質問 64
A network administrator has determined that network performance has degraded due to excessive use of social media and Internet streaming services. Which of the following would be effective for limiting access to these types of services, without completely restricting access to a site?
- A. Whitelisting
- B. Network segmentation
- C. Web content filtering
- D. Blacklisting
正解: C
解説:
Explanation/Reference: https://umbrella.cisco.com/solutions/web-content-filtering
質問 65
......
正真正銘のベスト試験材料CFR-310オンライン練習試験:https://jp.fast2test.com/CFR-310-premium-file.html