Download CertNexus CyberSec First Responder.CFR-310.NewDumps.2020-12-21.100q.vcex

Vendor: CertNexus
Exam Code: CFR-310
Exam Name: CertNexus CyberSec First Responder
Date: Dec 21, 2020
File Size: 82 KB


Demo Questions

Question 1
A network security analyst has noticed a flood of Simple Mail Transfer Protocol (SMTP) traffic to internal clients. SMTP traffic should only be allowed to email servers.  
Which of the following commands would stop this attack? (Choose two.)
  A. iptables -A INPUT -p tcp --dport 25 -d x.x.x.x -j ACCEPT
  B. iptables -A INPUT -p tcp --sport 25 -d x.x.x.x -j ACCEPT
  C. iptables -A INPUT -p tcp --dport 25 -j DROP
  D. iptables -A INPUT -p tcp --destination-port 21 -j DROP
  E. iptables -A FORWARD -p tcp --dport 6881:6889 -j DROP
Correct answer: AC
Question 2
A secretary receives an email from a friend with a picture of a kitten in it. The secretary forwards it to the ~COMPANYWIDE mailing list and, shortly thereafter, users across the company receive the following message:
"You seem tense. Take a deep breath and relax!" 
The incident response team is activated and opens the picture in a virtual machine to test it. After a short analysis, the following code is found in C:\Temp\chill.exe:
Powershell.exe -Command "do {(for /L %i in (2,1,254) do shutdown /r /m Error! Hyperlink reference not valid.> /f /t / 0 (/c "You seem tense. Take a deep breath and relax!");Start-Sleep -s 900) } while(1)"
Which of the following BEST represents what the attacker was trying to accomplish?
  A. Taunt the user and then trigger a shutdown every 15 minutes.
  B. Taunt the user and then trigger a reboot every 15 minutes.
  C. Taunt the user and then trigger a shutdown every 900 minutes.
  D. Taunt the user and then trigger a reboot every 900 minutes.
Correct answer: B
Question 3
A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also establishing a connection to IP 88.143.12.123. Which of the following commands should the administrator use to capture only the traffic between the two hosts?
  A. # tcpdump -i eth0 host 88.143.12.123
  B. # tcpdump -i eth0 dst 88.143.12.123
  C. # tcpdump -i eth0 host 192.168.10.121
  D. # tcpdump -i eth0 src 88.143.12.123
Correct answer: B
Question 4
After imaging a disk as part of an investigation, a forensics analyst wants to hash the image using a tool that supports piecewise hashing. Which of the following tools should the analyst use?
  A. md5sum
  B. sha256sum
  C. md5deep
  D. hashdeep
Correct answer: A
Question 5
Which of the following is a cybersecurity solution for insider threats to strengthen information protection?
  A. Web proxy
  B. Data loss prevention (DLP)
  C. Anti-malware
  D. Intrusion detection system (IDS)
Correct answer: B
Explanation:
Reference: https://www.techrepublic.com/article/how-to-protect-your-organization-against-insider-threats/
Question 6
A security administrator is investigating a compromised host. Which of the following commands could the investigator use to display executing processes in real time?
  A. ps
  B. top
  C. nice
  D. pstree
Correct answer: B
Explanation:
Reference: https://www.cyberciti.biz/faq/show-all-running-processes-in-linux/
Question 7
A system administrator identifies unusual network traffic from outside the local network. Which of the following is the BEST method for mitigating the threat? 
  A. Malware scanning
  B. Port blocking
  C. Packet capturing
  D. Content filtering
Correct answer: C
Question 8
Which of the following technologies would reduce the risk of a successful SQL injection attack?
  A. Reverse proxy
  B. Web application firewall
  C. Stateful firewall
  D. Web content filtering
Correct answer: B
Explanation:
Reference: http://www.enterprisenetworkingplanet.com/netsecur/article.php/3866756/10-Ways-to-Prevent-or-Mitigate-SQL-Injection-Attacks.htm
Question 9
An incident responder has collected network capture logs in a text file, separated by five or more data fields. 
Which of the following is the BEST command to use if the responder would like to print the file (to terminal/screen) in numerical order?
  A. cat | tac
  B. more
  C. sort -n
  D. less
Correct answer: C
Explanation:
Reference: https://kb.iu.edu/d/afjb
Question 10
Which of the following characteristics of a web proxy strengthens cybersecurity? (Choose two.)
  A. Increases browsing speed
  B. Filters unwanted content
  C. Limits direct connection to Internet
  D. Caches frequently-visited websites
  E. Decreases wide area network (WAN) traffic
Correct answer: AD