Download CertNexus CyberSec First Responder.CFR-310.CertDumps.2020-06-10.100q.vcex

Vendor: CertNexus
Exam Code: CFR-310
Exam Name: CertNexus CyberSec First Responder
Date: Jun 10, 2020
File Size: 82 KB
Downloads: 1

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
While planning a vulnerability assessment on a computer network, which of the following is essential? (Choose two.)
  1. Identifying exposures
  2. Identifying critical assets
  3. Establishing scope
  4. Running scanning tools
  5. Installing antivirus software
Correct answer: AC
Question 2
During which phase of a vulnerability assessment would a security consultant need to document a requirement to retain a legacy device that is no longer supported and cannot be taken offline?
  1. Conducting post-assessment tasks
  2. Determining scope
  3. Identifying critical assets
  4. Performing a vulnerability scan
Correct answer: C
Question 3
Senior management has stated that antivirus software must be installed on all employee workstations. Which of the following does this statement BEST describe?
  1. Guideline
  2. Procedure
  3. Policy
  4. Standard
Correct answer: C
Question 4
Which of the following data sources could provide indication of a system compromise involving the exfiltration of data to an unauthorized destination?
  1. IPS logs
  2. DNS logs
  3. SQL logs
  4. SSL logs
Correct answer: A
Question 5
Which of the following methods are used by attackers to find new ransomware victims? (Choose two.)
  1. Web crawling
  2. Distributed denial of service (DDoS) attack
  3. Password guessing
  4. Phishing
  5. Brute force attack
Correct answer: DE
Explanation:
Reference: https://www.itproportal.com/features/the-four-most-popular-methods-hackers-use-to-spread-ransomware/
Reference: https://www.itproportal.com/features/the-four-most-popular-methods-hackers-use-to-spread-ransomware/
Question 6
As part of an organization's regular maintenance activities, a security engineer visits the Internet Storm Center advisory page to obtain the latest list of blacklisted host/network addresses. The security engineer does this to perform which of the following activities?
  1. Update the latest proxy access list
  2. Monitor the organization's network for suspicious traffic
  3. Monitor the organization's sensitive databases
  4. Update access control list (ACL) rules for network devices
Correct answer: D
Question 7
Malicious code designed to execute in concurrence with a particular event is BEST defined as which of the following?
  1. Logic bomb
  2. Rootkit
  3. Trojan
  4. Backdoor
Correct answer: A
Explanation:
Reference: https://searchsecurity.techtarget.com/definition/Malware-Glossary
Reference: https://searchsecurity.techtarget.com/definition/Malware-Glossary
Question 8
A common formula used to calculate risk is: _____________ + Threats + Vulnerabilities = Risk. Which of the following represents the missing factor in this formula?
  1. Exploits
  2. Security
  3. Asset
  4. Probability
Correct answer: C
Explanation:
Reference: https://www.threatanalysis.com/2010/05/03/threat-vulnerability-risk-commonly-mixed-up-terms/
Reference: https://www.threatanalysis.com/2010/05/03/threat-vulnerability-risk-commonly-mixed-up-terms/
Question 9
While performing routing maintenance on a Windows Server, a technician notices several unapproved Windows Updates and that remote access software has been installed. The technician suspects that a malicious actor has gained access to the system. Which of the following steps in the attack process does this activity indicate?
  1. Expanding access
  2. Covering tracks
  3. Scanning
  4. Persistence
Correct answer: A
Question 10
During a security investigation, a suspicious Linux laptop is found in the server room. The laptop is processing information and indicating network activity. The investigator is preparing to launch an investigation to determine what is happening with this laptop. Which of the following is the MOST appropriate set of Linux commands that should be executed to conduct the investigation?
  1. iperf, traceroute, whois, ls, chown, cat
  2. iperf, wget, traceroute, dc3dd, ls, whois
  3. lsof, chmod, nano, whois, chown, ls
  4. lsof, ifconfig, who, ps, ls, tcpdump
Correct answer: B
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!