[2023年07月28日] 最新をゲットせよ!CFR-410認定練習テスト問題と試験問題集 [Q20-Q38]

Share

[2023年07月28日] 最新をゲットせよ!CFR-410認定練習テスト問題と試験問題集

リアルCFR-410試験問題集解答で有効なCFR-410問題集PDF

質問 # 20
A system administrator identifies unusual network traffic from outside the local network. Which of the following is the BEST method for mitigating the threat?

  • A. Content filtering
  • B. Port blocking
  • C. Malware scanning
  • D. Packet capturing

正解:D


質問 # 21
Which of the following is the FIRST step taken to maintain the chain of custody in a forensic investigation?

  • A. Transporting the evidence to the forensics lab
  • B. Packaging the electronic device
  • C. Security and evaluating the electronic crime scene.
  • D. Conducting preliminary interviews

正解:B


質問 # 22
During which of the following attack phases might a request sent to port 1433 over a whole company network be seen within a log?

  • A. Persistence
  • B. Scanning
  • C. Gaining access
  • D. Reconnaissance

正解:B


質問 # 23
Which of the following is the GREATEST risk of having security information and event management (SIEM) collect computer names with older log entries?

  • A. Domain Name System (DNS) records may have changed since the log was created.
  • B. There may be duplicate computer names on the network.
  • C. There may be field name duplication when combining log files.
  • D. The computer name may not be admissible evidence in court.

正解:C


質問 # 24
Which of the following is an automated password cracking technique that uses a combination of uppercase and lowercase letters, 0-9 numbers, and special characters?

  • A. Rainbow tables
  • B. Password guessing
  • C. Dictionary attack
  • D. Brute force attack

正解:D


質問 # 25
After a hacker obtained a shell on a Linux box, the hacker then sends the exfiltrated data via Domain Name System (DNS). This is an example of which type of data exfiltration?

  • A. Covert channels
  • B. Steganography
  • C. Rogue service
  • D. File sharing services

正解:A


質問 # 26
Which of the following technologies would reduce the risk of a successful SQL injection attack?

  • A. Stateful firewall
  • B. Reverse proxy
  • C. Web content filtering
  • D. Web application firewall

正解:D


質問 # 27
A company website was hacked via the following SQL query:
email, passwd, login_id, full_name FROM members
WHERE email = "[email protected]"; DROP TABLE members; -"
Which of the following did the hackers perform?

  • A. Deleted the entire members table
  • B. Deleted the email password and login details
  • C. Cleared tracks of [email protected] entries
  • D. Performed a cross-site scripting (XSS) attack

正解:B


質問 # 28
Which asset would be the MOST desirable for a financially motivated attacker to obtain from a health insurance company?

  • A. Intellectual property
  • B. Transaction logs
  • C. PII/PHI
  • D. Network architecture

正解:C


質問 # 29
A company that maintains a public city infrastructure was breached and information about future city projects was leaked. After the post-incident phase of the process has been completed, which of the following would be PRIMARY focus of the incident response team?

  • A. Contact the city police for official investigation.
  • B. Determine effective policy changes.
  • C. Restore service and eliminate the business impact.
  • D. Inform the company board about the incident.

正解:B


質問 # 30
Recently, a cybersecurity research lab discovered that there is a hacking group focused on hacking into the computers of financial executives in Company A to sell the exfiltrated information to Company B.
Which of the
following threat motives does this MOST likely represent?

  • A. Association/affiliation
  • B. Desire for power
  • C. Desire for financial gain
  • D. Reputation/recognition

正解:C


質問 # 31
As part of an organization's regular maintenance activities, a security engineer visits the Internet Storm Center advisory page to obtain the latest list of blacklisted host/network addresses. The security engineer does this to perform which of the following activities?

  • A. Monitor the organization's network for suspicious traffic
  • B. Update the latest proxy access list
  • C. Update access control list (ACL) rules for network devices
  • D. Monitor the organization's sensitive databases

正解:C


質問 # 32
A security investigator has detected an unauthorized insider reviewing files containing company secrets.
Which of the following commands could the investigator use to determine which files have been opened by this user?

  • A. lsof
  • B. netstat
  • C. ps
  • D. ls

正解:A


質問 # 33
To minimize vulnerability, which steps should an organization take before deploying a new Internet of Things (IoT) device? (Choose two.)

  • A. Enabling the firewall
  • B. Setting up new users
  • C. Disabling IPv6
  • D. Updating the device firmware
  • E. Changing the default password

正解:A、D


質問 # 34
A company help desk is flooded with calls regarding systems experiencing slow performance and certain Internet sites taking a long time to load or not loading at all. The security operations center (SOC) analysts who receive these calls take the following actions:
- Running antivirus scans on the affected user machines
- Checking department membership of affected users
- Checking the host-based intrusion prevention system (HIPS) console for affected user machine alerts
- Checking network monitoring tools for anomalous activities
Which of the following phases of the incident response process match the actions taken?

  • A. Recovery
  • B. Identification
  • C. Containment
  • D. Preparation

正解:B


質問 # 35
A security engineer is setting up security information and event management (SIEM). Which of the following log sources should the engineer include that will contain indicators of a possible web server compromise? (Choose two.)

  • A. Proxy logs
  • B. Web server logs
  • C. Domain controller logs
  • D. FTP logs
  • E. NetFlow logs

正解:B、C


質問 # 36
Which of the following are part of the hardening phase of the vulnerability assessment process? (Choose two.)

  • A. Updating configurations
  • B. Installing patches
  • C. Conducting audits
  • D. Generating reports
  • E. Documenting exceptions

正解:A、B


質問 # 37
A security analyst has discovered that an application has failed to run. Which of the following is the tool MOST likely used by the analyst for the initial discovery?

  • A. syslog
  • B. Process Monitor
  • C. Event Viewer
  • D. MSConfig

正解:C


質問 # 38
......

CFR-410試験問題集でPDF問題とテストエンジン:https://jp.fast2test.com/CFR-410-premium-file.html

最新CFR-410試験問題集には合格保証付きます:https://drive.google.com/open?id=19DIgnLkO5SoAewExujN3of9WLssob2AW


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어