CFR-310 Exam PDF | Free CFR-310 Questions Answers

CFR-310 Exam PDF | Free CFR-310 Questions Answers | RealExamCollection

386 views

Embed
Email

From

Username or Email (please add comma after each username or email)

Name	Email

Back

Menu 3

Eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo.

John25519

Uploaded on May 30, 2020

Category Education

By putting your full focus and efforts on CFR-310 dumps, you can pass your IT certification by the first attempt and with very high grades. First of all, you should download demo questions to check the quality of full PDF file. Then you will download full CFR-310 dumps to start your preparation without any delay.RealExamCollection is giving money back guarantee so you don’t need to worry for your payment that is secure.All you need to do is to complete your syllabus before the exam and start practice on online practice test by following the directions of experts.

Category Education

Comments

CFR-310 Exam PDF | Free CFR-310 Questions Answers | RealExamCollection

CertNexus

CFR-310
CertNexus CyberSec Firs t Responder (CFR)
https://www.realexamcollection.com/certnexus/cfr-310-dumps.html

Question: 1

A network security analyst has noticed a flood of Simple Mail Transfer Protocol (SMTP) traffic to internal
clients. SMTP traffic should only be allowed to email servers. Which of the following commands would
stop this attack? (Choose two.)

A. iptables -A INPUT -p tcp –dport 25 -d x.x.x.x -j ACCEPT
B. iptables -A INPUT -p tcp –sport 25 -d x.x.x.x -j ACCEPT
C. iptables -A INPUT -p tcp –dport 25 -j DROP
D. iptables -A INPUT -p tcp –destination-port 21 -j DROP
E. iptables -A FORWARD -p tcp –dport 6881:6889 -j DROP

Answer: AC

Question: 2

A secretary receives an email from a friend with a picture of a kitten in it. The secretary forwards it to
the ~COMPANYWIDE mailing list and, shortly thereafter, users across the company receive the following
message:
“You seem tense. Take a deep breath and relax!”
The incident response team is activated and opens the picture in a virtual machine to test it. After a
short
analysis, the following code is found in C:
\Temp\chill.exe:Powershell.exe –Command “do {(for /L %i in (2,1,254) do shutdown /r /m Error!
Hyperlink reference not valid.> /f /t / 0 (/c “You seem tense. Take a deep breath and relax!”);Start-
Sleep –s 900) } while(1)”
Which of the following BEST represents what the attacker was trying to accomplish?

A. Taunt the user and then trigger a shutdown every 15 minutes.
B. Taunt the user and then trigger a reboot every 15 minutes.
C. Taunt the user and then trigger a shutdown every 900 minutes.
D. Taunt the user and then trigger a reboot every 900 minutes.

Answer: B

Question: 3

A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also
establishing a connection to IP 88.143.12.123. Which of the following commands should the
administrator use to capture only the traffic between the two hosts?

A. # tcpdump -i eth0 host 88.143.12.123

B. # tcpdump -i eth0 dst 88.143.12.123
C. # tcpdump -i eth0 host 192.168.10.121
D. # tcpdump -i eth0 src 88.143.12.123

Answer: B

Question: 4

After imaging a disk as part of an investigation, a forensics analyst wants to hash the image using a tool
that supports piecewise hashing. Which of the following tools should the analyst use?

A. md5sum
B. sha256sum
C. md5deep
D. hashdeep

Answer: A

Question: 5

Which of the following is a cybersecurity solution for insider threats to strengthen information
protection?

A. Web proxy
B. Data loss prevention (DLP)
C. Anti-malware
D. Intrusion detection system (IDS)

Answer: B

Reference:
https://www.techrepublic.com/article/how-to-protect-your-organization-against-insider-threats/
Question: 6

A security administrator is investigating a compromised host. Which of the following commands could
the investigator use to display executing processes in real time?

A. ps
B. top
C. nice
D. pstree

Answer: B

Reference:
https://www.cyberciti.biz/faq/show-all-running-processes-in-linux/
Question: 7

A system administrator identifies unusual network traffic from outside the local network. Which of the
following
is the BEST method for mitigating the threat?

A. Malware scanning
B. Port blocking
C. Packet capturing
D. Content filtering

Answer: C

Question: 8

Which of the following technologies would reduce the risk of a successful SQL injection attack?

A. Reverse proxy
B. Web application firewall
C. Stateful firewall
D. Web content filtering

Answer: B

Reference:
http://www.enterprisenetworkingplanet.com/netsecur/article.php/3866756/10-Ways-to-Prevent-or-
Mitigate-SQL-Injection-Attacks.htm
Question: 9

An incident responder has collected network capture logs in a text file, separated by five or more data
fields.
Which of the following is the BEST command to use if the responder would like to print the file (to
terminal/ screen) in numerical order?

A. cat | tac
B. more
C. sort –n
D. less

Answer: C

Reference:
https://kb.iu.edu/d/afjb
Question: 10

Which of the following characteristics of a web proxy strengthens cybersecurity? (Choose two.)

A. Increases browsing speed
B. Filters unwanted content
C. Limits direct connection to Internet
D. Caches frequently-visited websites
E. Decreases wide area network (WAN) traffic

Answer: AD

https://www.realexamcollection.com/certnexus/cfr-310-dumps.html