
100%合格率保証付きで最高のCFR-410試験でリアル問題PDFがある[2023年03月]
CFR-410問題集で2023年最新のCertNexus CFR-410試験問題
CertNexus CFR-410 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
| トピック 7 |
|
質問 53
A company help desk is flooded with calls regarding systems experiencing slow performance and certain Internet sites taking a long time to load or not loading at all. The security operations center (SOC) analysts who receive these calls take the following actions:
- Running antivirus scans on the affected user machines
- Checking department membership of affected users
- Checking the host-based intrusion prevention system (HIPS) console for affected user machine alerts
- Checking network monitoring tools for anomalous activities
Which of the following phases of the incident response process match the actions taken?
- A. Identification
- B. Recovery
- C. Containment
- D. Preparation
正解: A
質問 54
An incident at a government agency has occurred and the following actions were taken:
- Users have regained access to email accounts
- Temporary VPN services have been removed
- Host-based intrusion prevention system (HIPS) and antivirus (AV) signatures have been updated
- Temporary email servers have been decommissioned
Which of the following phases of the incident response process match the actions taken?
- A. Post-incident
- B. Recovery
- C. Identification
- D. Containment
正解: D
質問 55
A suspicious script was found on a sensitive research system. Subsequent analysis determined that proprietary data would have been deleted from both the local server and backup media immediately following a specific administrator's removal from an employee list that is refreshed each evening. Which of the following BEST describes this scenario?
- A. Time bomb
- B. Backdoor
- C. Login bomb
- D. Rootkit
正解: B
質問 56
Which of the following are part of the hardening phase of the vulnerability assessment process? (Choose two.)
- A. Documenting exceptions
- B. Generating reports
- C. Updating configurations
- D. Installing patches
- E. Conducting audits
正解: C,D
質問 57
According to Payment Card Industry Data Security Standard (PCI DSS) compliance requirements, an organization must retain logs for what length of time?
- A. 5 years
- B. 1 year
- C. 3 months
- D. 6 months
正解: B
質問 58
A system administrator identifies unusual network traffic from outside the local network. Which of the following is the BEST method for mitigating the threat?
- A. Malware scanning
- B. Packet capturing
- C. Port blocking
- D. Content filtering
正解: B
質問 59
An organization recently suffered a data breach involving a server that had Transmission Control Protocol (TCP) port 1433 inadvertently exposed to the Internet. Which of the following services was vulnerable?
- A. Network Time Protocol (NTP)
- B. Database
- C. Internet Message Access Protocol (IMAP)
- D. Network Basic Input/Output System (NetBIOS)
正解: B
質問 60
A company that maintains a public city infrastructure was breached and information about future city projects was leaked. After the post-incident phase of the process has been completed, which of the following would be PRIMARY focus of the incident response team?
- A. Contact the city police for official investigation.
- B. Determine effective policy changes.
- C. Inform the company board about the incident.
- D. Restore service and eliminate the business impact.
正解: B
質問 61
An incident handler is assigned to initiate an incident response for a complex network that has been affected by malware. Which of the following actions should be taken FIRST?
- A. Capture network traffic for analysis.
- B. Make an incident response plan.
- C. Isolate devices from the network.
- D. Prepare incident response tools.
正解: A
質問 62
When tracing an attack to the point of origin, which of the following items is critical data to map layer 2 switching?
- A. NAT table
- B. DNS cache
- C. ARP cache
- D. CAM table
正解: C
解説:
The host that owns the IP address sends an ARP reply message with its physical address. Each host machine maintains a table, called ARP cache, used to convert MAC addresses to IP addresses. Since ARP is a stateless protocol, every time a host gets an ARP reply from another host, even though it has not sent an ARP request for that reply, it accepts that ARP entry and updates its ARP cache. The process of updating a target host's ARP cache with a forged entry is referred to as poisoning.
質問 63
Recently, a cybersecurity research lab discovered that there is a hacking group focused on hacking into the computers of financial executives in Company A to sell the exfiltrated information to Company B.
Which of the
following threat motives does this MOST likely represent?
- A. Desire for power
- B. Association/affiliation
- C. Desire for financial gain
- D. Reputation/recognition
正解: C
質問 64
According to company policy, all accounts with administrator privileges should have suffix _j a. While reviewing Windows workstation configurations, a security administrator discovers an account without the suffix in the administrator's group. Which of the following actions should the security administrator take?
- A. Review the security log on the affected workstation.
- B. Review the system log on a domain controller.
- C. Review the system log on the affected workstation.
- D. Review the security log on a domain controller.
正解: D
質問 65
Which of the following is a cybersecurity solution for insider threats to strengthen information protection?
- A. Intrusion detection system (IDS)
- B. Web proxy
- C. Data loss prevention (DLP)
- D. Anti-malware
正解: C
質問 66
Which of the following describes United States federal government cybersecurity policies and guidelines?
- A. GDPR
- B. NIST
- C. ANSI
- D. NERC
正解: B
質問 67
A company has noticed a trend of attackers gaining access to corporate mailboxes. Which of the following would be the BEST action to take to plan for this kind of attack in the future?
- A. Scanning email server for vulnerabilities
- B. Conducting security awareness training
- C. Auditing account password complexity
- D. Hardening the Microsoft Exchange Server
正解: A
質問 68
Which of the following would MOST likely make a Windows workstation on a corporate network vulnerable to remote exploitation?
- A. Enabling Remote Registry
- B. Disabling Windows Updates
- C. Enabling Remote Desktop
- D. Disabling Windows Firewall
正解: C
質問 69
Which of the following is susceptible to a cache poisoning attack?
- A. Hypertext Transfer Protocol (HTTP)
- B. Secure Shell (SSH)
- C. Hypertext Transfer Protocol Secure (HTTPS)
- D. Domain Name System (DNS)
正解: D
質問 70
Which of the following is a method of reconnaissance in which a ping is sent to a target with the expectation of receiving a response?
- A. Active scanning
- B. Passive scanning
- C. Application enumeration
- D. Network enumeration
正解: D
質問 71
It was recently discovered that many of an organization's servers were running unauthorized cryptocurrency mining software. Which of the following assets were being targeted in this attack? (Choose two.)
- A. Computing resources
- B. Network resources
- C. Financial resources
- D. Disk resources
- E. Power resources
正解: B,E
質問 72
Detailed step-by-step instructions to follow during a security incident are considered:
- A. Guidelines
- B. Policies
- C. Procedures
- D. Standards
正解: C
質問 73
A user receives an email about an unfamiliar bank transaction, which includes a link. When clicked, the link redirects the user to a web page that looks exactly like their bank's website and asks them to log in with their username and password. Which type of attack is this?
- A. Phishing
- B. Smishing
- C. Whaling
- D. Vishing
正解: A
質問 74
When performing an investigation, a security analyst needs to extract information from text files in a Windows operating system. Which of the following commands should the security analyst use?
- A. grep
- B. findstr
- C. awk
- D. sigverif
正解: C
質問 75
An attacker intercepts a hash and compares it to pre-computed hashes to crack a password. Which of the following methods has been used?
- A. Brute force attack
- B. Dictionary attack
- C. Rainbow tables
- D. Password sniffing
正解: C
質問 76
......
無料CFR-410別格な問題集をダウンロード:https://jp.fast2test.com/CFR-410-premium-file.html
CFR-410合格保証がつく問題集で合格できるCFR-410試験:https://drive.google.com/open?id=19DIgnLkO5SoAewExujN3of9WLssob2AW