[Q20-Q35] Ultimate Guide to Prepare CFR-310 with Accurate PDF Questions [Feb 17, 2022]


NEW QUESTION 20
Various logs are collected for a data leakage case to make a forensic analysis. Which of the following are MOST important for log integrity? (Choose two.)

  • A. Modified date/time
  • B. Log path
  • C. Time stamp
  • D. Hash value
  • E. Log type

Answer: C,D

 

NEW QUESTION 21
An organization recently suffered a breach due to a human resources administrator emailing employee names and Social Security numbers to a distribution list. Which of the following tools would help mitigate this risk from recurring?

  • A. Web proxy
  • B. Firewall
  • C. Data loss prevention (DLP)
  • D. File integrity monitoring

Answer: C

 

NEW QUESTION 22
Senior management has stated that antivirus software must be installed on all employee workstations. Which of the following does this statement BEST describe?

  • A. Standard
  • B. Procedure
  • C. Guideline
  • D. Policy

Answer: D

 

NEW QUESTION 23
After obtaining a shell on a Linux box, a hacker sends the exfiltrated data via Domain Name System (DNS). This is an example of which type of data exfiltration?

  • A. File sharing services
  • B. Covert channels
  • C. Steganography
  • D. Rogue service

Answer: B

 

NEW QUESTION 24
A security professional discovers a new ransomware strain that disables antivirus on the endpoint during an infection. Which location would be the BEST place for the security professional to find technical information about this malware?

  • A. Social network sites
  • B. Threat intelligence feeds
  • C. Vulnerability databases
  • D. Computer emergency response team (CERT) press releases

Answer: B

 

NEW QUESTION 25
Which of the following is an automated password cracking technique that uses a combination of uppercase and lowercase letters, 0-9 numbers, and special characters?

  • A. Brute force attack
  • B. Password guessing
  • C. Dictionary attack
  • D. Rainbow tables

Answer: A

 

NEW QUESTION 26
An incident at a government agency has occurred and the following actions were taken:
- Users have regained access to email accounts
- Temporary VPN services have been removed
- Host-based intrusion prevention system (HIPS) and antivirus (AV) signatures have been updated
- Temporary email servers have been decommissioned
Which of the following phases of the incident response process match the actions taken?

  • A. Recovery
  • B. Identification
  • C. Containment
  • D. Post-incident

Answer: C

 

NEW QUESTION 27
Which of the following data sources could provide an indication of a system compromise involving the exfiltration of data to an unauthorized destination?

  • A. SQL logs
  • B. IPS logs
  • C. SSL logs
  • D. DNS logs

Answer: B

 

NEW QUESTION 28
A network administrator has determined that network performance has degraded due to excessive use of social media and Internet streaming services. Which of the following would be effective for limiting access to these types of services, without completely restricting access to a site?

  • A. Network segmentation
  • B. Web content filtering
  • C. Blacklisting
  • D. Whitelisting

Answer: B

Explanation/Reference: https://umbrella.cisco.com/solutions/web-content-filtering

 

NEW QUESTION 29
Which of the following are common areas of vulnerabilities in a network switch? (Choose two.)

  • A. Default port state
  • B. Default IP address
  • C. Default encryption
  • D. Default protocols
  • E. Default credentials

Answer: A,E

 

NEW QUESTION 30
A security administrator notices a process running on their local workstation called SvrsScEsdKexzCv.exe. The unknown process is MOST likely:

  • A. Malware
  • B. A system process
  • C. An application process
  • D. A port scanner

Answer: A


 

NEW QUESTION 31
Which of the following are well-known methods that are used to protect evidence during the forensics process? (Choose three.)

  • A. Evidence bags
  • B. Secure rooms
  • C. Faraday boxes
  • D. Lock box
  • E. Security envelope
  • F. Caution tape

Answer: A,E,F

 

NEW QUESTION 32
After successfully enumerating the target, the hacker determines that the victim is using a firewall. Which of the following techniques would allow the hacker to bypass the intrusion prevention system (IPS)?

  • A. Stealth scanning
  • B. Port scanning
  • C. FINS scanning
  • D. Xmas scanning

Answer: C

 

NEW QUESTION 33
A common formula used to calculate risk is: _____________ + Threats + Vulnerabilities = Risk. Which of the following represents the missing factor in this formula?

  • A. Asset
  • B. Security
  • C. Exploits
  • D. Probability

Answer: A

Explanation/Reference: https://www.threatanalysis.com/2010/05/03/threat-vulnerability-risk-commonly-mixed-up-terms/

 

NEW QUESTION 34
A company help desk is flooded with calls regarding systems experiencing slow performance and certain Internet sites taking a long time to load or not loading at all. The security operations center (SOC) analysts who receive these calls take the following actions:
- Running antivirus scans on the affected user machines
- Checking department membership of affected users
- Checking the host-based intrusion prevention system (HIPS) console for affected user machine alerts
- Checking network monitoring tools for anomalous activities
Which of the following phases of the incident response process match the actions taken?

  • A. Recovery
  • B. Containment
  • C. Identification
  • D. Preparation

Answer: C


 

NEW QUESTION 35
......
