A government organization responsible for critical infrastructure is being attacked and files on the server have been deleted. Which of the following are the most immediate communications that should be made regarding the incident? (Choose two.)
A. Notifying law enforcement
B. Notifying the media
C. Notifying a national computer emergency response team (CERT) or cybersecurity incident response team (CSIRT)
D. Notifying the relevant vendor
E. Notifying a mitigation expert
According to Payment Card Industry Data Security Standard (PCI DSS) compliance requirements, an organization must retain logs for what length of time?
A. 3 months
B. 6 months
C. 1 year
D. 5 years
During an incident, the following actions have been taken:
-Executing the malware in a sandbox environment
-Reverse engineering the malware
-Conducting a behavior analysis
Based on the steps presented, which of the following incident handling processes has been taken?
A. Containment
B. Eradication
C. Recovery
D. Identification
An incident handler is assigned to initiate an incident response for a complex network that has been affected by malware. Which of the following actions should be taken FIRST?
A. Make an incident response plan.
B. Prepare incident response tools.
C. Isolate devices from the network.
D. Capture network traffic for analysis.
Detailed step-by-step instructions to follow during a security incident are considered:
A. Policies
B. Guidelines
C. Procedures
D. Standards
The incident response team has completed root cause analysis for an incident. Which of the following actions should be taken in the next phase of the incident response process? (Choose two.)
A. Providing a briefing to management
B. Updating policies and procedures
C. Training staff for future incidents
D. Investigating responsible staff
E. Drafting a recovery plan for the incident
Which of the following enables security personnel to have the BEST security incident recovery practices?
A. Crisis communication plan
B. Disaster recovery plan
C. Occupant emergency plan
D. Incident response plan
An incident at a government agency has occurred and the following actions were taken:
-Users have regained access to email accounts
-Temporary VPN services have been removed
-Host-based intrusion prevention system (HIPS) and antivirus (AV) signatures have been updated
-Temporary email servers have been decommissioned
Which of the following phases of the incident response process match the actions taken?
A. Containment
B. Post-incident
C. Recovery
D. Identification
Which of the following are legally compliant forensics applications that will detect an alternative data stream (ADS) or a file with an incorrect file extension? (Choose two.)
A. Disk duplicator
B. EnCase
C. dd
D. Forensic Toolkit (FTK)
E. Write blocker
Which of the following describes United States federal government cybersecurity policies and guidelines?
A. NIST
B. ANSI
C. NERC
D. GDPR