An administrator investigating intermittent network communication problems has identified an excessive amount of traffic from an external-facing host to an unknown location on the Internet. Which of the following BEST describes what is occurring?
A. The network is experiencing a denial of service (DoS) attack.
B. A malicious user is exporting sensitive data.
C. Rogue hardware has been installed.
D. An administrator has misconfigured a web proxy.
During the forensic analysis of a compromised computer image, the investigator found that critical files are missing, caches have been cleared, and the history and event log files are empty. According to this scenario, which of the following techniques is the suspect using?
A. System hardening techniques
B. System optimization techniques
C. Defragmentation techniques
D. Anti-forensic techniques
An incident response team is concerned with verifying the integrity of security information and event management (SIEM) events after they are written to disk. Which of the following represents the BEST option for addressing this concern?
A. Time synchronization
B. Log hashing
C. Source validation
D. Field name consistency
A security engineer is setting up a security information and event management (SIEM) system. Which of the following log sources should the engineer include that will contain indicators of a possible web server compromise? (Choose two.)
A. NetFlow logs
B. Web server logs
C. Domain controller logs
D. Proxy logs
E. FTP logs
After obtaining a shell on a Linux box, a hacker sends the exfiltrated data via Domain Name System (DNS). This is an example of which type of data exfiltration?
A. Covert channels
B. File sharing services
C. Steganography
D. Rogue service
According to company policy, all accounts with administrator privileges should have the suffix _ja. While reviewing Windows workstation configurations, a security administrator discovers an account without the suffix in the administrator's group. Which of the following actions should the security administrator take?
A. Review the system log on the affected workstation.
B. Review the security log on a domain controller.
C. Review the system log on a domain controller.
D. Review the security log on the affected workstation.
It was recently discovered that many of an organization's servers were running unauthorized cryptocurrency mining software. Which of the following assets were being targeted in this attack? (Choose two.)
A. Power resources
B. Network resources
C. Disk resources
D. Computing resources
E. Financial resources
Which of the following methods are used by attackers to find new ransomware victims? (Choose two.)
A. Web crawling
B. Distributed denial of service (DDoS) attack
C. Password guessing
D. Phishing
E. Brute force attack
Recently, a cybersecurity research lab discovered that there is a hacking group focused on hacking into the computers of financial executives in Company A to sell the exfiltrated information to Company B. Which of the following threat motives does this MOST likely represent?
A. Desire for power
B. Association/affiliation
C. Reputation/recognition
D. Desire for financial gain
A common formula used to calculate risk is: _____________ + Threats + Vulnerabilities = Risk. Which of the following represents the missing factor in this formula?
A. Exploits
B. Security
C. Asset
D. Probability