CFR-210 Exam Details

  • Exam Code
    :CFR-210
  • Exam Name
    :CyberSec First Responder
  • Certification
    :Logical Operations Certifications
  • Vendor
    :Logical Operations
  • Total Questions
    :100 Q&As
  • Last Updated
    :

Logical Operations CFR-210 Online Questions & Answers

  • Question 11:

    Which of the following are legally compliant forensics applications that will detect ADS or a file with an incorrect file extension? (Choose two.)

    A. Regedit
    B. EnCase
    C. dd
    D. FTK
    E. Procmon

  • Question 12:

    A high-level government official uses anonymous bank accounts to transfer a requested amount of funds to individuals in another country. These individuals are known for defacing government websites and exfiltrating sensitive data. Which of the following BEST describes the involved threat actors?

    A. State-sponsored hackers
    B. Gray hat hackers
    C. Hacktivists
    D. Cyber terrorists

  • Question 13:

    A system administrator is informed that a user received an email containing a suspicious attachment. Which of the following methods is the FASTEST way to determine whether the file is suspicious or not?

    A. Reverse engineering
    B. Virus scanning
    C. Virtualization
    D. Sandboxing

  • Question 14:

    Which of the following enables security personnel to have the BEST security incident recovery practices?

    A. Crisis communication plan
    B. Disaster recovery plan
    C. Occupant emergency plan
    D. Cyber incident response plan

  • Question 15:

    During review of a company's web server logs, the following items are discovered:

    Which of the following is depicted in the log example above?

    A. An administrator using the web interface for application maintenance
    B. Normal web application traffic
    C. A web application scan
    D. An attempt at enumeration via SQL injection

  • Question 16:

    The Chief Information Officer (CIO) of a company asks the incident responder to update the risk management plan. Which of the following methods can BEST help the incident responder identify the risks that require in-depth analysis?

    A. Qualitative analysis
    B. Targeted risk analysis
    C. Non-targeted risk analysis
    D. Quantitative analysis

  • Question 17:

    An attacker performs reconnaissance on a Chief Executive Officer (CEO) using publicity available resources to gain access to the CEO's office. The attacker was in the CEO's office for less than five minutes, and the attack left no traces in

    any logs, nor was there any readily identifiable cause for the exploit. The attacker in then able to use numerous credentials belonging to the CEO to conduct a variety of further attacks.

    Which of the following types of exploit is described?

    A. Pivoting
    B. Malicious linking
    C. Whaling
    D. Keylogging

  • Question 18:

    An attack was performed on a company's web server, disabling the company's website. The incident response team's investigation produced the following:

    1.

    Presence of malicious code installed on employees' workstations.

    2.

    Excessive UDP datagrams sent to a single address.

    3.

    Web server received excessive UDP datagrams from multiple internal hosts.

    4.

    Network experienced high traffic after 3:00 pm.

    5.

    Employee workstations sent large traffic bursts when employees accessed the internal timecard application.

    Which of the following BEST describes the attack tool used to perform the attack?

    A. KeyLogger
    B. Logic bomb
    C. Nessus
    D. Metasploit

  • Question 19:

    An organization performs regular updates to its network devices to alert and prevent access to streaming media sites by the employees. Each device will send logs and alerts to a centralized server for storage, archive, and analysis. Which of the following BEST describes the system that is correlating the data found in all alerts and logs?

    A. SIEM
    B. NIDS
    C. HIPS
    D. WIPS

  • Question 20:

    A system administrator needs to analyze a PCAP file on a Linux workstation where the use of GUI-based applications is restricted. Which of the following command line tools can the administrator use to analyze the PCAP?

    A. nfdump
    B. cryptcat
    C. tshark
    D. netstat

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Logical Operations exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CFR-210 exam preparations and Logical Operations certification application, do not hesitate to visit our Vcedump.com to find your solutions here.