CFR-210 Exam Details

  • Exam Code
    :CFR-210
  • Exam Name
    :CyberSec First Responder
  • Certification
    :Logical Operations Certifications
  • Vendor
    :Logical Operations
  • Total Questions
    :100 Q&As
  • Last Updated
    :

Logical Operations CFR-210 Online Questions & Answers

  • Question 91:

    A zero-day vulnerability is discovered on a company's network. The security analyst conducts a log review, schedules an immediate vulnerability scan, and quarantines the infected system, but cannot determine the root cause of the

    vulnerability.

    Which of the following is a source of information that can be used to identify the cause of the vulnerability?

    A. www.virustotal.com
    B. Security RSS feeds
    C. Security software websites
    D. Government websites

  • Question 92:

    Which of the following describes the MOST important reason for capturing post-attack metadata?

    A. To assist in updating the Business Continuity Plan
    B. To assist in writing a security magazine article
    C. To assist in fortification of defenses to prevent future attacks
    D. To assist in improving security awareness training

  • Question 93:

    Which of the following technologies is used as mitigation to XSS attacks?

    A. Intrusion prevention
    B. Proxy filtering
    C. Web application firewall
    D. Intrusion detection

  • Question 94:

    A security analyst discovers a zero-day vulnerability affecting Windows, which has not been publicly identified. The security analyst assumes this vulnerability is present on millions of computer system and feels an obligation to share this information with other security professionals. Which of the following would be the MOST adverse consequences of the analyst sharing this information?

    A. Public exposure of the vulnerability, including to potential attackers
    B. Unexpected media coverage of the discovery
    C. Potential distribution of misinformation
    D. Possible legal consequences for the analyst

  • Question 95:

    DRAG DROP

    Drag and drop the following steps in the correct order from first (1) to last (7) that a forensic expert would follow based on data analysis in a Windows system.

    Select and Place:

  • Question 96:

    An attacker has decided to attempt a brute force attack on a UNIX server. In order to accomplish this, which of the following steps must be performed?

    A. Exfiltrate the shadow and SAM, run unshadow, and then runa password cracking utility on the output file.
    B. Exfiltrate the shadow and passwd, and then run a password cracking utility on both files.
    C. Exfiltrate the shadow and SAM, and then run a password cracking utility on both files.
    D. Exfiltrate the shadowand passwd, run unshadow, and then run a password cracking utility on the output file.

  • Question 97:

    An analyst would like to search for a specific text string at the beginning of a line that begins with four capital alphabetic characters. Which of the following search operators should be used?

    A. /\b\w{4}\b
    B. /\b[A-Z]{4}\g
    C. /^\w{4}\b
    D. /B[A-Z]{4}\b\g

  • Question 98:

    During the course of an investigation, an incident responder discovers illegal material on a user's hard drive. Which of the following is the incident responder's MOST important next step?

    A. Notify management
    B. Place the hard drive in an evidence bag
    C. Image the hard drive
    D. Restrict the user's access

  • Question 99:

    A network engineer has collected a packet capture using Wireshark and given it to the team for analysis. The team is looking for activity based on the internal IP address of 10.0.25.123. Which of the following filters should the team use to look at only traffic for this IP?

    A. source.ip == 10.0.25.123 andand destination.ip == 10.0.25.123
    B. source tcp = 10.0.25.123 and destination tcp = 10.0.25.123
    C. src.ip == 10.0.25.123 or dst.ip == 10.0.25.123
    D. src.ip = 10.0.25.123 or dst.ip = 10.0.25.123

  • Question 100:

    An incident responder has captured packets associated with malware. The source port is 8765 and the destination port is 7653.

    Which of the following commands should be used on the source computer to help determine which program is responsible for the connection?

    A. services.msc
    B. psexec
    C. msconfig
    D. fport

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Logical Operations exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CFR-210 exam preparations and Logical Operations certification application, do not hesitate to visit our Vcedump.com to find your solutions here.