Live Chat
Live Support
CertNexus CyberSec First Responder CFR-310 Dumps
June 18,2020
CyberSec First Responder (Exam CFR-310) is a comprehensive certification designed to validate the knowledge and skills required to protect these critical information systems before, during, and after an incident. Passcert new released CertNexus CyberSec First Responder CFR-310 Dumps that give you confidence to pass this certification exam in first attempt and with maximized score. We guarantee that once you have gone through Passcert CertNexus CFR-310 practice session it will be much easier to appear and pass in the required exam.
CFR-310 Exam Information - CyberSec First Responder(CFR)
The CyberSec First Responder exam will certify that the successful candidate has the knowledge, skills, and abilities required to effectively identify, respond to, protect against, and remediate malicious activities involving computing systems. Additionally, the candidate has the foundational knowledge to deal with a changing threat landscape and will be able to assess risk and vulnerabilities, acquire data, perform analysis, continuously communicate, determine scope, recommend remediation actions, and accurately report results.
The CyberSec First Responder? (CFR) exam is designed for individuals with between 3 and 5 years of experience working in a computing environment as part of a CERT/CSIRT/SOC who desire or are required to protect critical information systems before, during, and after an incident which may be a cybersecurity attack.
CyberSec First Responder CFR-310 Exam Details
Exam Code: CFR-310
Target Candidate: Individuals with between 3 and 5 years of experience working in a computing environment as part of a CERT/CSIRT/SOC who protect critical information systems before, during, and after an incident.
Number of Questions: 100 questions
Item Formats: Multiple Choice/Multiple Response
Exam Duration: 120 minutes (including 5 minutes for Candidate Agreement and 5 minutes for Pearson VUE tutorial)
Exam Options: In person at Pearson VUE test centers or online via Pearson OnVUE
Passing Score: 70% or 71%, depending on exam form
CyberSec First Responder CFR-310 Exam Objective Domains
Share CyberSec First Responder CFR-310 Free Demo
1.A network security analyst has noticed a flood of Simple Mail Transfer Protocol (SMTP) traffic to internal clients. SMTP traffic should only be allowed to email servers.
Which of the following commands would stop this attack? (Choose two.)
A. iptables -A INPUT -p tcp –dport 25 -d x.x.x.x -j ACCEPT
B. iptables -A INPUT -p tcp –sport 25 -d x.x.x.x -j ACCEPT
C. iptables -A INPUT -p tcp –dport 25 -j DROP
D. iptables -A INPUT -p tcp –destination-port 21 -j DROP
E. iptables -A FORWARD -p tcp –dport 6881:6889 -j DROP
Answer: AC
2.A secretary receives an email from a friend with a picture of a kitten in it. The secretary forwards it to the ~COMPANYWIDE mailing list and, shortly thereafter, users across the company receive the following message:
“You seem tense. Take a deep breath and relax!”
The incident response team is activated and opens the picture in a virtual machine to test it. After a short analysis, the following code is found in C:
\Temp\chill.exe:Powershell.exe –Command “do {(for /L %i in (2,1,254) do shutdown /r /m Error! Hyperlink reference not valid.> /f /t / 0 (/c “You seem tense. Take a deep breath and relax!”);Start-Sleep –s 900) } while(1)”
Which of the following BEST represents what the attacker was trying to accomplish?
A. Taunt the user and then trigger a shutdown every 15 minutes.
B. Taunt the user and then trigger a reboot every 15 minutes.
C. Taunt the user and then trigger a shutdown every 900 minutes.
D. Taunt the user and then trigger a reboot every 900 minutes.
Answer: B
3.A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also establishing a connection to IP 88.143.12.123.
Which of the following commands should the administrator use to capture only the traffic between the two hosts?
A. # tcpdump -i eth0 host 88.143.12.123
B. # tcpdump -i eth0 dst 88.143.12.123
C. # tcpdump -i eth0 host 192.168.10.121
D. # tcpdump -i eth0 src 88.143.12.123
Answer: B
4.After imaging a disk as part of an investigation, a forensics analyst wants to hash the image using a tool that supports piecewise hashing.
Which of the following tools should the analyst use?
A. md5sum
B. sha256sum
C. md5deep
D. hashdeep
Answer: A
5.Which of the following is a cybersecurity solution for insider threats to strengthen information protection?
A. Web proxy
B. Data loss prevention (DLP)
C. Anti-malware
D. Intrusion detection system (IDS)
Answer: B
6.A security administrator is investigating a compromised host.
Which of the following commands could the investigator use to display executing processes in real time?
A. ps
B. top
C. nice
D. pstree
Answer: B
- Related Suggestion
- Certified Internet of Things Security Practitioner(CIoTSP) ITS-110 Dumps November 26,2022
- CertNexus CyberSec First Responder CFR-410 Exam Dumps November 25,2022
Products | Promotion | Payment | FAQ | Contact Us | Guarantee & Refund Policy | Privacy | Terms and Condition | Facebook
Copyright © 2002-2024 passcert information Co.,Ltd. All Rights Reserved.
Passcert doesn't offer Real Microsoft, Amazon, Cisco Exam Questions. All Passcert content is sourced from the Internet.
Copyright © 2002-2024 passcert information Co.,Ltd. All Rights Reserved.
Passcert doesn't offer Real Microsoft, Amazon, Cisco Exam Questions. All Passcert content is sourced from the Internet.
