Test Online Free CertNexus CFR-410 Exam Questions and Answers

The questions for CFR-410 were last updated on Nov. 30, 2022


Question No : 1
An incident responder discovers that the CEO logged in from their New York City office and then logged in from a location in Beijing an hour later. The incident responder suspects that the CEO’s account has been compromised.
Which of the following anomalies MOST likely contributed to the incident responder’s suspicion?

Answer:
Explanation:
Reference: https://www.infosecurity-magazine.com/opinions/geo-velocity-adaptive/

Question No : 2
Which common source of vulnerability should be addressed to BEST mitigate against URL redirection attacks?

Answer:
Explanation:
Reference: https://blog.qualys.com/securitylabs/2016/01/07/open-redirection-a-simple-vulnerability-threatens-your-web-applications

Question No : 3
Which of the following is a cybersecurity solution for insider threats to strengthen information protection?

Answer:
Explanation:
Reference: https://www.techrepublic.com/article/how-to-protect-your-organization-against-insider-threats/

Question No : 4
An incident response team is concerned with verifying the integrity of security information and event management (SIEM) events after being written to disk.
Which of the following represents the BEST option for addressing this concern?

Answer:
Explanation:
Reference: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-92.pdf

Question No : 5
Which of the following would MOST likely make a Windows workstation on a corporate network vulnerable to remote exploitation?

Answer:

Question No : 6
While performing routine maintenance on a Windows Server, a technician notices several unapproved Windows Updates and that remote access software has been installed. The technician suspects that a malicious actor has gained access to the system.
Which of the following steps in the attack process does this activity indicate?

Answer:

Question No : 7
Which of the following, when exposed together, constitutes PII? (Choose two.)

Answer:
Explanation:
Reference: https://www.lifelock.com/learn-identity-theft-resources-what-is-personally-identifiable-information.html

Question No : 8
A company website was hacked via the following SQL query:
SELECT email, passwd, login_id, full_name FROM members
WHERE email = "[email protected]"; DROP TABLE members; --"
Which of the following did the hackers perform?

Answer:

Question No : 9
A company help desk is flooded with calls regarding systems experiencing slow performance and certain Internet sites taking a long time to load or not loading at all.
The security operations center (SOC) analysts who receive these calls take the following actions:
- Running antivirus scans on the affected user machines
- Checking department membership of affected users
- Checking the host-based intrusion prevention system (HIPS) console for affected user machine alerts
- Checking network monitoring tools for anomalous activities
Which of the following phases of the incident response process match the actions taken?

Answer:

Question No : 10
Which of the following are part of the hardening phase of the vulnerability assessment process? (Choose two.)

Answer:
