Online CFR-410 Practice TestMore CertNexus Products >

Free CertNexus CFR-410 Exam Dumps Questions

CertNexus CFR-410: CyberSec First Responder (CFR) Exam

- Get instant access to CFR-410 practice exam questions

- Get ready to pass the CyberSec First Responder (CFR) Exam exam right now using our CertNexus CFR-410 exam package, which includes CertNexus CFR-410 practice test plus an CertNexus CFR-410 Exam Simulator.

- The best online CFR-410 exam study material and preparation tool is here.

4.5

(5475 ratings)

Question 1

Which of the following technologies would reduce the risk of a successful SQL injection attack?

A. Reverse proxy

B. Web application firewall

C. Stateful firewall

D. Web content filtering

Correct Answer:B

Question 2

A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also establishing a connection to IP 88.143.12.123. Which of the following commands should the administrator use to capture only the traffic between the two hosts?

A. # tcpdump -i eth0 host 88.143.12.123

B. # tcpdump -i eth0 dst 88.143.12.123

C. # tcpdump -i eth0 host 192.168.10.121

D. # tcpdump -i eth0 src 88.143.12.123

Correct Answer:B

Question 3

A security administrator needs to review events from different systems located worldwide. Which of the following is MOST important to ensure that logs can be effectively correlated?

A. Logs should be synchronized to their local time zone.

B. Logs should be synchronized to a common, predefined time source.

C. Logs should contain the username of the user performing the action.

D. Logs should include the physical location of the action performed.

Correct Answer:A

Question 4

If a hacker is attempting to alter or delete system audit logs, in which of the following attack phases is the hacker involved?

A. Covering tracks

B. Expanding access

C. Gaining persistence

D. Performing reconnaissance

Correct Answer:A

Question 5

Which of the following is the GREATEST risk of having security information and event management (SIEM) collect computer names with older log entries?

A. There may be duplicate computer names on the network.

B. The computer name may not be admissible evidence in court.

C. Domain Name System (DNS) records may have changed since the log was created.

D. There may be field name duplication when combining log files.

Correct Answer:D

Question 6

During which phase of a vulnerability assessment would a security consultant need to document a requirement to retain a legacy device that is no longer supported and cannot be taken offline?

A. Conducting post-assessment tasks

B. Determining scope

C. Identifying critical assets

D. Performing a vulnerability scan

Correct Answer:C

START CFR-410 EXAM