[Q53-Q76] 100%合格率保証付きで最高のCFR-410試験でリアル問題PDFがある[2023年03月]

Share

100%合格率保証付きで最高のCFR-410試験でリアル問題PDFがある[2023年03月]

CFR-410問題集で2023年最新のCertNexus CFR-410試験問題


CertNexus CFR-410 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • さまざまなソースからのログ ファイルの分析を実行して、ネットワーク セキュリティに対する潜在的な脅威を特定する
  • セキュリティ アップデートを通じて組織のリソースを保護する
トピック 2
  • サイバーセキュリティの独立した監査プロセスを開発および実装する
  • システムセキュリティ体制の傾向を分析および報告する
トピック 3
  • 災害復旧、不測の事態に対するアドバイスとインプットを提供する
  • システムとアプリケーションに特定のサイバーセキュリティ対策を実装する
トピック 4
  • 脅威の程度を判断し、リスクを軽減するための一連のアクションまたは対策を推奨する
  • インシデント データを関連付けてレポートを作成する
トピック 5
  • 組織内のID管理とアクセス制御を保護
  • 承認された多層防御の原則と実践を採用
トピック 6
  • 確立された手順に従ってシステム セキュリティ対策を実装する
  • 侵入セットの戦術、技術、および手順 (TTP) を決定する
トピック 7
  • 脆弱性評価プロセスを特定して実施する
  • 適用されるコンプライアンス、標準、フレームワーク、およびプライバシーのベスト プラクティスを特定する

 

質問 53
A company help desk is flooded with calls regarding systems experiencing slow performance and certain Internet sites taking a long time to load or not loading at all. The security operations center (SOC) analysts who receive these calls take the following actions:
- Running antivirus scans on the affected user machines
- Checking department membership of affected users
- Checking the host-based intrusion prevention system (HIPS) console for affected user machine alerts
- Checking network monitoring tools for anomalous activities
Which of the following phases of the incident response process match the actions taken?

  • A. Identification
  • B. Recovery
  • C. Containment
  • D. Preparation

正解: A

 

質問 54
An incident at a government agency has occurred and the following actions were taken:
- Users have regained access to email accounts
- Temporary VPN services have been removed
- Host-based intrusion prevention system (HIPS) and antivirus (AV) signatures have been updated
- Temporary email servers have been decommissioned
Which of the following phases of the incident response process match the actions taken?

  • A. Post-incident
  • B. Recovery
  • C. Identification
  • D. Containment

正解: D

 

質問 55
A suspicious script was found on a sensitive research system. Subsequent analysis determined that proprietary data would have been deleted from both the local server and backup media immediately following a specific administrator's removal from an employee list that is refreshed each evening. Which of the following BEST describes this scenario?

  • A. Time bomb
  • B. Backdoor
  • C. Login bomb
  • D. Rootkit

正解: B

 

質問 56
Which of the following are part of the hardening phase of the vulnerability assessment process? (Choose two.)

  • A. Documenting exceptions
  • B. Generating reports
  • C. Updating configurations
  • D. Installing patches
  • E. Conducting audits

正解: C,D

 

質問 57
According to Payment Card Industry Data Security Standard (PCI DSS) compliance requirements, an organization must retain logs for what length of time?

  • A. 5 years
  • B. 1 year
  • C. 3 months
  • D. 6 months

正解: B

 

質問 58
A system administrator identifies unusual network traffic from outside the local network. Which of the following is the BEST method for mitigating the threat?

  • A. Malware scanning
  • B. Packet capturing
  • C. Port blocking
  • D. Content filtering

正解: B

 

質問 59
An organization recently suffered a data breach involving a server that had Transmission Control Protocol (TCP) port 1433 inadvertently exposed to the Internet. Which of the following services was vulnerable?

  • A. Network Time Protocol (NTP)
  • B. Database
  • C. Internet Message Access Protocol (IMAP)
  • D. Network Basic Input/Output System (NetBIOS)

正解: B

 

質問 60
A company that maintains a public city infrastructure was breached and information about future city projects was leaked. After the post-incident phase of the process has been completed, which of the following would be PRIMARY focus of the incident response team?

  • A. Contact the city police for official investigation.
  • B. Determine effective policy changes.
  • C. Inform the company board about the incident.
  • D. Restore service and eliminate the business impact.

正解: B

 

質問 61
An incident handler is assigned to initiate an incident response for a complex network that has been affected by malware. Which of the following actions should be taken FIRST?

  • A. Capture network traffic for analysis.
  • B. Make an incident response plan.
  • C. Isolate devices from the network.
  • D. Prepare incident response tools.

正解: A

 

質問 62
When tracing an attack to the point of origin, which of the following items is critical data to map layer 2 switching?

  • A. NAT table
  • B. DNS cache
  • C. ARP cache
  • D. CAM table

正解: C

解説:
The host that owns the IP address sends an ARP reply message with its physical address. Each host machine maintains a table, called ARP cache, used to convert MAC addresses to IP addresses. Since ARP is a stateless protocol, every time a host gets an ARP reply from another host, even though it has not sent an ARP request for that reply, it accepts that ARP entry and updates its ARP cache. The process of updating a target host's ARP cache with a forged entry is referred to as poisoning.

 

質問 63
Recently, a cybersecurity research lab discovered that there is a hacking group focused on hacking into the computers of financial executives in Company A to sell the exfiltrated information to Company B.
Which of the
following threat motives does this MOST likely represent?

  • A. Desire for power
  • B. Association/affiliation
  • C. Desire for financial gain
  • D. Reputation/recognition

正解: C

 

質問 64
According to company policy, all accounts with administrator privileges should have suffix _j a. While reviewing Windows workstation configurations, a security administrator discovers an account without the suffix in the administrator's group. Which of the following actions should the security administrator take?

  • A. Review the security log on the affected workstation.
  • B. Review the system log on a domain controller.
  • C. Review the system log on the affected workstation.
  • D. Review the security log on a domain controller.

正解: D

 

質問 65
Which of the following is a cybersecurity solution for insider threats to strengthen information protection?

  • A. Intrusion detection system (IDS)
  • B. Web proxy
  • C. Data loss prevention (DLP)
  • D. Anti-malware

正解: C

 

質問 66
Which of the following describes United States federal government cybersecurity policies and guidelines?

  • A. GDPR
  • B. NIST
  • C. ANSI
  • D. NERC

正解: B

 

質問 67
A company has noticed a trend of attackers gaining access to corporate mailboxes. Which of the following would be the BEST action to take to plan for this kind of attack in the future?

  • A. Scanning email server for vulnerabilities
  • B. Conducting security awareness training
  • C. Auditing account password complexity
  • D. Hardening the Microsoft Exchange Server

正解: A

 

質問 68
Which of the following would MOST likely make a Windows workstation on a corporate network vulnerable to remote exploitation?

  • A. Enabling Remote Registry
  • B. Disabling Windows Updates
  • C. Enabling Remote Desktop
  • D. Disabling Windows Firewall

正解: C

 

質問 69
Which of the following is susceptible to a cache poisoning attack?

  • A. Hypertext Transfer Protocol (HTTP)
  • B. Secure Shell (SSH)
  • C. Hypertext Transfer Protocol Secure (HTTPS)
  • D. Domain Name System (DNS)

正解: D

 

質問 70
Which of the following is a method of reconnaissance in which a ping is sent to a target with the expectation of receiving a response?

  • A. Active scanning
  • B. Passive scanning
  • C. Application enumeration
  • D. Network enumeration

正解: D

 

質問 71
It was recently discovered that many of an organization's servers were running unauthorized cryptocurrency mining software. Which of the following assets were being targeted in this attack? (Choose two.)

  • A. Computing resources
  • B. Network resources
  • C. Financial resources
  • D. Disk resources
  • E. Power resources

正解: B,E

 

質問 72
Detailed step-by-step instructions to follow during a security incident are considered:

  • A. Guidelines
  • B. Policies
  • C. Procedures
  • D. Standards

正解: C

 

質問 73
A user receives an email about an unfamiliar bank transaction, which includes a link. When clicked, the link redirects the user to a web page that looks exactly like their bank's website and asks them to log in with their username and password. Which type of attack is this?

  • A. Phishing
  • B. Smishing
  • C. Whaling
  • D. Vishing

正解: A

 

質問 74
When performing an investigation, a security analyst needs to extract information from text files in a Windows operating system. Which of the following commands should the security analyst use?

  • A. grep
  • B. findstr
  • C. awk
  • D. sigverif

正解: C

 

質問 75
An attacker intercepts a hash and compares it to pre-computed hashes to crack a password. Which of the following methods has been used?

  • A. Brute force attack
  • B. Dictionary attack
  • C. Rainbow tables
  • D. Password sniffing

正解: C

 

質問 76
......

無料CFR-410別格な問題集をダウンロード:https://jp.fast2test.com/CFR-410-premium-file.html

CFR-410合格保証がつく問題集で合格できるCFR-410試験:https://drive.google.com/open?id=19DIgnLkO5SoAewExujN3of9WLssob2AW


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어