CFR-210 Exam Details

  • Exam Code
    :CFR-210
  • Exam Name
    :CyberSec First Responder
  • Certification
    :Logical Operations Certifications
  • Vendor
    :Logical Operations
  • Total Questions
    :100 Q&As
  • Last Updated
    :

Logical Operations CFR-210 Online Questions & Answers

  • Question 21:

    A forensics analyst is analyzing an executable and thinks it may have some text of interest hidden within it. Which of the following tools can the analyst use to assist in validating the suspicion?

    A. Isof
    B. cat command
    C. hex editor
    D. more

  • Question 22:

    A SOC analyst has been tasked with checking all files in every employee's home directory for any mention of a new product code named "PitViper." Which of the following commands will return all requested data?

    A. grep -i "pitviper" /home
    B. grep -r "PitViper" /home
    C. grep -r -v "pitviper" /home
    D. grep -r -i "pitviper" /home

  • Question 23:

    DRAG DROP

    Drag and drop the following steps to perform a successful social engineering attack in the correct order, from first (1) to last (6).

    Select and Place:

  • Question 24:

    As part of an incident response effort, data has been collected and analyzed, and a malware infection has been contained. Which of the following is the NEXT step the incident response team should take within the incident response process?

    A. Begin recovering all infected systems to return the organization to normal operations as soon as possible.
    B. Ensure every instance of the malware has been removed across the organization.
    C. Discuss lessons learned before proceeding with other steps.
    D. Start writing the report to ensure a quality product is delivered by the end of the project.

  • Question 25:

    Which of the following commands should be used to print out ONLY the second column of items in the following file?

    A. cut -d " " -f2 source_file.txt
    B. cut -b7-15 source_file.txt
    C. cut -d " " -f2 Source_File.txt
    D. cut -c6-12 Source_File.txt

  • Question 26:

    A file is discovered in the /etc directory of an internal server by an automated file integrity checker. A security analyst determines the file is a bash script. The contents are as follows:

    #!/bin/bash IFS=: [[ -f /etc/passwd ]] andand cat /etc/passwd | while read a b c d e f g do

    echo "$e ($a)" done

    Which of the following was the author of the script attempting to gather?

    A. Home directory and shell
    B. Username and password hash
    C. User's name and username
    D. UID and GID

  • Question 27:

    An administrator wants to block Java exploits that were not detected by the organization's antivirus product. Which of the following mitigation methods should an incident responder perform? (Choose two.)

    A. Utilize DNS filtering
    B. Send binary to AV vendor for analysis
    C. Create a custom IPS signature
    D. Implement an ACL
    E. Block the port on the firewall

  • Question 28:

    An organization's public information website has been defaced. The incident response team is actively engaged in the following actions:

    1.

    Installing patches on the web server

    2.

    Turning off unnecessary services on web server

    3.

    Adding new ACL rules to the WAF

    4.

    Changing all passwords on web server accounts

    Which of the following incident response phases is the team MOST likely conducting?

    A. Respond
    B. Recover
    C. Contain
    D. Identify

  • Question 29:

    An incident responder is asked to create a disk image of a compromised Linux server. Which of the following commands should be used to do this?

    A. dd
    B. Isof
    C. gzip
    D. fdisk
    E. mbr

  • Question 30:

    While performing standard maintenance on a UNIX server, a system administrator notices a set of large files with .tar .gz file extensions in the /tmp folder. The system administrator reports this to a security analyst. Performing further research,

    the analyst has found the .tar .gz files contain information normally housed on one of the bank's data servers.

    Given this scenario, which of the following is MOST likely occurring?

    A. A malicious actor, having breached the system, is staging collected data for exfiltration.
    B. Having nearly exhausted the capacity of the home directory, a user is moving files to make room.
    C. An error on the .hosts file has resultedin the data being backed up to the wrong server.
    D. One of the newly hired system administrators has inadvertently backed up data to the wrong server.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Logical Operations exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CFR-210 exam preparations and Logical Operations certification application, do not hesitate to visit our Vcedump.com to find your solutions here.