
Latest CertNexus CFR-310 Real Exam Dumps PDF
NEW QUESTION 19
After imaging a disk as part of an investigation, a forensics analyst wants to hash the image using a tool that supports piecewise hashing. Which of the following tools should the analyst use?
- A. hashdeep
- B. md5sum
- C. sha256sum
- D. md5deep
Answer: B
NEW QUESTION 20
It was recently discovered that many of an organization's servers were running unauthorized cryptocurrency mining software. Which of the following assets were being targeted in this attack? (Choose two.)
- A. Computing resources
- B. Network resources
- C. Financial resources
- D. Disk resources
- E. Power resources
Answer: B,E
Explanation/Reference: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/security-101-the-impact-of-cryptocurrency-mining-malware
NEW QUESTION 21
Organizations considered "covered entities" are required to adhere to which compliance requirement?
- A. Sarbanes-Oxley Act (SOX)
- B. International Organization for Standardization (ISO) 27001
- C. Payment Card Industry Data Security Standard (PCI DSS)
- D. Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Answer: D
NEW QUESTION 22
An incident responder was asked to analyze malicious traffic. Which of the following tools would be BEST for this?
- A. tcpdump
- B. Hex editor
- C. Snort
- D. Wireshark
Answer: D
NEW QUESTION 23
Which asset would be the MOST desirable for a financially motivated attacker to obtain from a health insurance company?
- A. Network architecture
- B. Intellectual property
- C. Transaction logs
- D. PII/PHI
Answer: D
NEW QUESTION 24
Recently, a cybersecurity research lab discovered that there is a hacking group focused on hacking into the computers of financial executives in Company A to sell the exfiltrated information to Company B.
Which of the following threat motives does this MOST likely represent?
- A. Association/affiliation
- B. Desire for financial gain
- C. Desire for power
- D. Reputation/recognition
Answer: B
NEW QUESTION 25
A user receives an email about an unfamiliar bank transaction, which includes a link. When clicked, the link redirects the user to a web page that looks exactly like their bank's website and asks them to log in with their username and password. Which type of attack is this?
- A. Phishing
- B. Whaling
- C. Smishing
- D. Vishing
Answer: A
Explanation/Reference: https://www.phishing.org/what-is-phishing
NEW QUESTION 26
During an incident, the following actions have been taken:
- Executing the malware in a sandbox environment
- Reverse engineering the malware
- Conducting a behavior analysis
Based on the steps presented, which of the following incident handling processes has been taken?
- A. Recovery
- B. Identification
- C. Eradication
- D. Containment
Answer: D
Explanation:
The "Containment, eradication and recovery" phase is the period in which the incident response team tries to contain the incident and, if necessary, recover from it (restore any affected resources, data and/or processes).
Reference: https://blog.rapid7.com/2017/01/11/introduction-to-incident-response-life-cycle-of-nist-sp-800-61/
NEW QUESTION 27
An incident responder has collected network capture logs in a text file, separated by five or more data fields.
Which of the following is the BEST command to use if the responder would like to print the file (to terminal/screen) in numerical order?
- A. sort -n
- B. cat | tac
- C. more
- D. less
Answer: A
NEW QUESTION 28
A security engineer is setting up security information and event management (SIEM). Which of the following log sources should the engineer include that will contain indicators of a possible web server compromise? (Choose two.)
- A. Web server logs
- B. NetFlow logs
- C. Proxy logs
- D. Domain controller logs
- E. FTP logs
Answer: A,D
NEW QUESTION 29
An attacker intercepts a hash and compares it to pre-computed hashes to crack a password. Which of the following methods has been used?
- A. Password sniffing
- B. Brute force attack
- C. Rainbow tables
- D. Dictionary attack
Answer: C
NEW QUESTION 30
Which of the following is an automated password cracking technique that uses a combination of uppercase and lowercase letters, digits 0-9, and special characters?
- A. Brute force attack
- B. Password guessing
- C. Dictionary attack
- D. Rainbow tables
Answer: A
NEW QUESTION 31
A company help desk is flooded with calls regarding systems experiencing slow performance and certain Internet sites taking a long time to load or not loading at all. The security operations center (SOC) analysts who receive these calls take the following actions:
- Running antivirus scans on the affected user machines
- Checking department membership of affected users
- Checking the host-based intrusion prevention system (HIPS) console for affected user machine alerts
- Checking network monitoring tools for anomalous activities
Which of the following phases of the incident response process match the actions taken?
- A. Recovery
- B. Containment
- C. Identification
- D. Preparation
Answer: C
NEW QUESTION 32
Which of the following attacks involves sending a large amount of spoofed User Datagram Protocol (UDP) traffic to a router's broadcast address within a network?
- A. Smurf attack
- B. Land attack
- C. Teardrop attack
- D. Fraggle attack
Answer: A
NEW QUESTION 33
After a security breach, a security consultant is hired to perform a vulnerability assessment for a company's web application. Which of the following tools would the consultant use?
- A. Nikto
- B. Kismet
- C. tcpdump
- D. Hydra
Answer: A
Explanation/Reference: https://www.scnsoft.com/blog/network-vulnerability-assessment-guide
NEW QUESTION 34
Recently, a cybersecurity research lab discovered that there is a hacking group focused on hacking into the computers of financial executives in Company A to sell the exfiltrated information to Company B.
Which of the following threat motives does this MOST likely represent?
- A. Association/affiliation
- B. Desire for financial gain
- C. Desire for power
- D. Reputation/recognition
Answer: B
NEW QUESTION 35
During a malware-driven distributed denial of service attack, a security researcher found excessive requests to a name server referring to the same domain name and host name encoded in hexadecimal.
The malware author used which type of command and control?
- A. Custom channel
- B. Internet Relay Chat (IRC)
- C. Dnscat2
- D. File Transfer Protocol (FTP)
Answer: D
Explanation/Reference: https://www.csoonline.com/article/3276660/what-is-shodan-the-search-engine-for-everything-on-the-internet.html
NEW QUESTION 36
After obtaining a shell on a Linux box, a hacker sends the exfiltrated data via Domain Name System (DNS). This is an example of which type of data exfiltration?
- A. File sharing services
- B. Covert channels
- C. Steganography
- D. Rogue service
Answer: B
