Free Download CFR-310 Examp Dump: CertNexus.CFR-310.CertDumps.2020-06-10.100q.vcex

File Info

Exam	CertNexus CyberSec First Responder
Number	CFR-310
File Name	CertNexus.CFR-310.CertDumps.2020-06-10.100q.vcex
Size	82 KB
Posted	Jun 10, 2020
Download	CertNexus.CFR-310.CertDumps.2020-06-10.100q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%

Demo Questions

Question 1

While planning a vulnerability assessment on a computer network, which of the following is essential? (Choose two.)

Identifying exposures
Identifying critical assets
Establishing scope
Running scanning tools
Installing antivirus software

Correct answer: AC

Question 2

During which phase of a vulnerability assessment would a security consultant need to document a requirement to retain a legacy device that is no longer supported and cannot be taken offline?

Conducting post-assessment tasks
Determining scope
Identifying critical assets
Performing a vulnerability scan

Correct answer: C

Question 3

Senior management has stated that antivirus software must be installed on all employee workstations. Which of the following does this statement BEST describe?

Guideline
Procedure
Policy
Standard

Correct answer: C

Question 4

Which of the following data sources could provide indication of a system compromise involving the exfiltration of data to an unauthorized destination?

IPS logs
DNS logs
SQL logs
SSL logs

Correct answer: A

Question 5

Which of the following methods are used by attackers to find new ransomware victims? (Choose two.)

Web crawling
Distributed denial of service (DDoS) attack
Password guessing
Phishing
Brute force attack

Correct answer: DE

Explanation:

Reference: https://www.itproportal.com/features/the-four-most-popular-methods-hackers-use-to-spread-ransomware/

Question 6

As part of an organization's regular maintenance activities, a security engineer visits the Internet Storm Center advisory page to obtain the latest list of blacklisted host/network addresses. The security engineer does this to perform which of the following activities?

Update the latest proxy access list
Monitor the organization's network for suspicious traffic
Monitor the organization's sensitive databases
Update access control list (ACL) rules for network devices

Correct answer: D

Question 7

Malicious code designed to execute in concurrence with a particular event is BEST defined as which of the following?

Logic bomb
Rootkit
Trojan
Backdoor

Correct answer: A

Explanation:

Reference: https://searchsecurity.techtarget.com/definition/Malware-Glossary

Question 8

A common formula used to calculate risk is: _____________ + Threats + Vulnerabilities = Risk. Which of the following represents the missing factor in this formula?

Exploits
Security
Asset
Probability

Correct answer: C

Explanation:

Reference: https://www.threatanalysis.com/2010/05/03/threat-vulnerability-risk-commonly-mixed-up-terms/

Question 9

While performing routing maintenance on a Windows Server, a technician notices several unapproved Windows Updates and that remote access software has been installed. The technician suspects that a malicious actor has gained access to the system. Which of the following steps in the attack process does this activity indicate?

Expanding access
Covering tracks
Scanning
Persistence

Correct answer: A

Question 10

During a security investigation, a suspicious Linux laptop is found in the server room. The laptop is processing information and indicating network activity. The investigator is preparing to launch an investigation to determine what is happening with this laptop. Which of the following is the MOST appropriate set of Linux commands that should be executed to conduct the investigation?