100%合格、売れ筋最上位CFR-310試験材料は2022年最新のCertNexus練習試験合格させます [Q43-Q65]

Share

100%合格、売れ筋最上位CFR-310試験材料は2022年最新のCertNexus練習試験合格させます

CertNexus Certification問題集でCFR-310試験完全版問題、試験学習ガイド


CertNexus CFR-310 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • インシデント対応の準備におけるベストプラクティスの重要性を説明する
  • ソーシャルエンジニアリング戦術の目的と使用法を説明する
トピック 2
  • さまざまな脅威を比較対照し、脅威プロファイルを分類します
  • 正規表現を使用してログファイルを解析し、意味のあるデータを見つけます
トピック 3
  • エクスプロイト後のツールと戦術の目的と使用法を説明する
  • シナリオを前提として、インシデント対応プロセスを実行する
トピック 4
  • シナリオを前提として、Linuxベースのツールを使用してインシデントを分析します
  • マルウェア分析に使用される方法とツールを要約します
トピック 5
  • シナリオが与えられたら、Windowsツールを使用してインシデントを分析します
  • 一般的な軽減方法とデバイスを説明します

 

質問 43
Which asset would be the MOST desirable for a financially motivated attacker to obtain from a health insurance company?

  • A. Intellectual property
  • B. PII/PHI
  • C. Transaction logs
  • D. Network architecture

正解: B

 

質問 44
An attacker intercepts a hash and compares it to pre-computed hashes to crack a password. Which of the following methods has been used?

  • A. Password sniffing
  • B. Rainbow tables
  • C. Dictionary attack
  • D. Brute force attack

正解: B

 

質問 45
A security analyst is required to collect detailed network traffic on a virtual machine. Which of the following tools could the analyst use?

  • A. fport
  • B. WinDump
  • C. netstat
  • D. nbtstat

正解: C

 

質問 46
When attempting to determine which system or user is generating excessive web traffic, analysis of which of the following would provide the BEST results?

  • A. Browser logs
  • B. System logs
  • C. Proxy logs
  • D. HTTP logs

正解: C

 

質問 47
A web server is under a denial of service (DoS) attack. The administrator reviews logs and creates an access control list (ACL) to stop the attack. Which of the following technologies could perform these steps automatically in the future?

  • A. Intrusion prevention system (IPS)
  • B. Whitelisting
  • C. Intrusion detection system (IDS)
  • D. Blacklisting

正解: C

解説:
Explanation/Reference: https://www.ciscopress.com/articles/article.asp?p=345618

 

質問 48
Which of the following describes United States federal government cybersecurity policies and guidelines?

  • A. ANSI
  • B. NERC
  • C. GDPR
  • D. NIST

正解: D

解説:
Explanation/Reference: https://www.gsa.gov/technology/government-it-initiatives/cybersecurity/cybersecurity-programs- policy

 

質問 49
Which of the following technologies would reduce the risk of a successful SQL injection attack?

  • A. Stateful firewall
  • B. Web content filtering
  • C. Reverse proxy
  • D. Web application firewall

正解: D

解説:
Explanation/Reference: http://www.enterprisenetworkingplanet.com/netsecur/article.php/3866756/10-Ways-to-Prevent-or- Mitigate-SQL-Injection-Attacks.htm

 

質問 50
It was recently discovered that many of an organization's servers were running unauthorized cryptocurrency mining software. Which of the following assets were being targeted in this attack? (Choose two.)

  • A. Computing resources
  • B. Network resources
  • C. Power resources
  • D. Disk resources
  • E. Financial resources

正解: B,C

解説:
Explanation/Reference: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/security-101- the-impact-of-cryptocurrency-mining-malware

 

質問 51
Which of the following would MOST likely make a Windows workstation on a corporate network vulnerable to remote exploitation?

  • A. Disabling Windows Updates
  • B. Enabling Remote Registry
  • C. Disabling Windows Firewall
  • D. Enabling Remote Desktop

正解: D

 

質問 52
During a malware-driven distributed denial of service attack, a security researcher found excessive requests to a name server referring to the same domain name and host name encoded in hexadecimal. The malware author used which type of command and control?

  • A. Dnscat2
  • B. File Transfer Protocol (FTP)
  • C. Internet Relay Chat (IRC)
  • D. Custom channel

正解: B

 

質問 53
Which of the following is susceptible to a cache poisoning attack?

  • A. Domain Name System (DNS)
  • B. Hypertext Transfer Protocol Secure (HTTPS)
  • C. Hypertext Transfer Protocol (HTTP)
  • D. Secure Shell (SSH)

正解: A

 

質問 54
Network infrastructure has been scanned and the identified issues have been remediated. What is the next step in the vulnerability assessment process?

  • A. Conducting an audit
  • B. Establishing scope
  • C. Generating reports
  • D. Assessing exposures

正解: A

 

質問 55
The incident response team has completed root cause analysis for an incident. Which of the following actions should be taken in the next phase of the incident response process? (Choose two.)

  • A. Training staff for future incidents
  • B. Investigating responsible staff
  • C. Providing a briefing to management
  • D. Updating policies and procedures
  • E. Drafting a recovery plan for the incident

正解: D,E

 

質問 56
A company has noticed a trend of attackers gaining access to corporate mailboxes. Which of the following would be the BEST action to take to plan for this kind of attack in the future?

  • A. Scanning email server for vulnerabilities
  • B. Auditing account password complexity
  • C. Conducting security awareness training
  • D. Hardening the Microsoft Exchange Server

正解: A

 

質問 57
Organizations considered "covered entities" are required to adhere to which compliance requirement?

  • A. Payment Card Industry Data Security Standard (PCI DSS)
  • B. Health Insurance Portability and Accountability Act of 1996 (HIPAA)
  • C. Sarbanes-Oxley Act (SOX)
  • D. International Organization for Standardization (ISO) 27001

正解: B

解説:
Explanation/Reference: https://www.hhs.gov/hipaa/for-professionals/faq/190/who-must-comply-with-hipaa-privacy- standards/index.html

 

質問 58
In which of the following attack phases would an attacker use Shodan?

  • A. Gaining access
  • B. Scanning
  • C. Reconnaissance
  • D. Persistence

正解: B

解説:
Explanation/Reference: https://books.google.com.pk/books?id=3bzPDwAAQBAJ&pg=PA41&lpg=PA41&dq=attack
+phases+would+an+attacker+use
+Shodan&source=bl&ots=phUbfR8BOY&sig=ACfU3U1sg5J67s_sL_Ixpr3OiqdCIraKUw&hl=en&sa=X&ved
=2ahUKEwjazaKCssXpAhUC4YUKHcJ5CVwQ6AEwAXoECBMQAQ#v=onepage&q=attack%20phases%
20would%20an%20attacker%20use%20Shodan&f=false

 

質問 59
Tcpdump is a tool that can be used to detect which of the following indicators of compromise?

  • A. Unusual network traffic
  • B. Poor network performance
  • C. Unknown open ports
  • D. Unknown use of protocols

正解: A

 

質問 60
Which of the following is the GREATEST risk of having security information and event management (SIEM) collect computer names with older log entries?

  • A. Domain Name System (DNS) records may have changed since the log was created.
  • B. The computer name may not be admissible evidence in court.
  • C. There may be field name duplication when combining log files.
  • D. There may be duplicate computer names on the network.

正解: C

 

質問 61
An incident responder was asked to analyze malicious traffic. Which of the following tools would be BEST for this?

  • A. Hex editor
  • B. Snort
  • C. Wireshark
  • D. tcpdump

正解: C

解説:
Explanation/Reference: https://resources.infosecinstitute.com/category/certifications-training/network-traffic-analysis- for-incident-response/threat-intelligence-collection-and-analysis/analyzing-fileless-malware/#gref

 

質問 62
A system administrator identifies unusual network traffic from outside the local network. Which of the following is the BEST method for mitigating the threat?

  • A. Content filtering
  • B. Port blocking
  • C. Malware scanning
  • D. Packet capturing

正解: D

 

質問 63
Which of the following are legally compliant forensics applications that will detect an alternative data stream (ADS) or a file with an incorrect file extension? (Choose two.)

  • A. Write blocker
  • B. dd
  • C. EnCase
  • D. Disk duplicator
  • E. Forensic Toolkit (FTK)

正解: C,E

 

質問 64
A network administrator has determined that network performance has degraded due to excessive use of social media and Internet streaming services. Which of the following would be effective for limiting access to these types of services, without completely restricting access to a site?

  • A. Whitelisting
  • B. Network segmentation
  • C. Web content filtering
  • D. Blacklisting

正解: C

解説:
Explanation/Reference: https://umbrella.cisco.com/solutions/web-content-filtering

 

質問 65
......

正真正銘のベスト試験材料CFR-310オンライン練習試験:https://jp.fast2test.com/CFR-310-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어