An incident response team is concerned with verifying the integrity of security information and event management (SIEM) events after being written to disk. Which of the following represents the BEST option for addressing this concern?
A. Time synchronization
B. Log hashing
C. Source validation
D. Field name consistency
During the forensic analysis of a compromised computer image, the investigator found that critical files are missing, caches have been cleared, and the history and event log files are empty. According to this scenario, which of the following techniques is the suspect using?
A. System hardening techniques
B. System optimization techniques
C. Defragmentation techniques
D. Anti-forensic techniques
A security engineer is setting up security information and event management (SIEM). Which of the following log sources should the engineer include that will contain indicators of a possible web server compromise? (Choose two.)
A. NetFlow logs
B. Web server logs
C. Domain controller logs
D. Proxy logs
E. FTP logs
According to company policy, all accounts with administrator privileges should have the suffix _ja. While reviewing Windows workstation configurations, a security administrator discovers an account without the suffix in the administrator's group.
Which of the following actions should the security administrator take?
A. Review the system log on the affected workstation.
B. Review the security log on a domain controller.
C. Review the system log on a domain controller.
D. Review the security log on the affected workstation.
After obtaining a shell on a Linux box, a hacker sends the exfiltrated data via Domain Name System (DNS). This is an example of which type of data exfiltration?
A. Covert channels
B. File sharing services
C. Steganography
D. Rogue service
Which of the following methods are used by attackers to find new ransomware victims? (Choose two.)
A. Web crawling
B. Distributed denial of service (DDoS) attack
C. Password guessing
D. Phishing
E. Brute force attack
It was recently discovered that many of an organization's servers were running unauthorized cryptocurrency mining software. Which of the following assets were being targeted in this attack? (Choose two.)
A. Power resources
B. Network resources
C. Disk resources
D. Computing resources
E. Financial resources
Recently, a cybersecurity research lab discovered that there is a hacking group focused on hacking into the computers of financial executives in Company A to sell the exfiltrated information to Company B. Which of the following threat motives does this MOST likely represent?
A. Desire for power
B. Association/affiliation
C. Reputation/recognition
D. Desire for financial gain
A common formula used to calculate risk is: _____________ + Threats + Vulnerabilities = Risk. Which of the following represents the missing factor in this formula?
A. Exploits
B. Security
C. Asset
D. Probability
After successfully enumerating the target, the hacker determines that the victim is using a firewall. Which of the following techniques would allow the hacker to bypass the intrusion prevention system (IPS)?
A. Stealth scanning
B. Xmas scanning
C. FINS scanning
D. Port scanning