Download CertNexus.CFR-310.NewDumps.2020-05-26.52q.vcex

Download Exam

File Info

Exam CertNexus CyberSec First Responder
Number CFR-310
File Name CertNexus.CFR-310.NewDumps.2020-05-26.52q.vcex
Size 32 KB
Posted May 26, 2020
Download CertNexus.CFR-310.NewDumps.2020-05-26.52q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

A network security analyst has noticed a flood of Simple Mail Transfer Protocol (SMTP) traffic to internal clients. SMTP traffic should only be allowed to email servers. Which of the following commands would stop this attack? (Choose two.) 


  1. iptables -A INPUT -p tcp –dport 25 -d x.x.x.x -j ACCEPT
  2. iptables -A INPUT -p tcp –sport 25 -d x.x.x.x -j ACCEPT
  3. iptables -A INPUT -p tcp –dport 25 -j DROP
  4. iptables -A INPUT -p tcp –destination-port 21 -j DROP
  5. iptables -A FORWARD -p tcp –dport 6881:6889 -j DROP
Correct answer: AC



Question 2

A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also establishing a connection to IP 88.143.12.123. Which of the following commands should the administrator use to capture only the traffic between the two hosts?


  1. # tcpdump -i eth0 host 88.143.12.123
  2. # tcpdump -i eth0 dst 88.143.12.123
  3. # tcpdump -i eth0 host 192.168.10.121
  4. # tcpdump -i eth0 src 88.143.12.123
Correct answer: B
Explanation:



Question 3

A system administrator identifies unusual network traffic from outside the local network. Which of the following is the BEST method for mitigating the threat?


  1. Malware scanning
  2. Port blocking
  3. Packet capturing
  4. Content filtering
Correct answer: C



Question 4

Which of the following technologies would reduce the risk of a successful SQL injection attack?


  1. Reverse proxy
  2. Web application firewall
  3. Stateful firewall
  4. Web content filtering
Correct answer: B
Explanation:
Reference: http://www.enterprisenetworkingplanet.com/netsecur/article.php/3866756/10-Ways-to-Prevent-or-Mitigate-SQL-Injection-Attacks.htm
Reference: http://www.enterprisenetworkingplanet.com/netsecur/article.php/3866756/10-Ways-to-Prevent-or-Mitigate-SQL-Injection-Attacks.htm



Question 5

Which of the following characteristics of a web proxy strengthens cybersecurity? (Choose two.)


  1. Increases browsing speed
  2. Filters unwanted content
  3. Limits direct connection to Internet 
  4. Caches frequently-visited websites
  5. Decreases wide area network (WAN) traffic
Correct answer: AD



Question 6

During a security investigation, a suspicious Linux laptop is found in the server room. The laptop is processing information and indicating network activity. The investigator is preparing to launch an investigation to determine what is happening with this laptop. Which of the following is the MOST appropriate set of Linux commands that should be executed to conduct the investigation?


  1. iperf, traceroute, whois, ls, chown, cat
  2. iperf, wget, traceroute, dc3dd, ls, whois
  3. lsof, chmod, nano, whois, chown, ls
  4. lsof, ifconfig, who, ps, ls, tcpdump
Correct answer: B



Question 7

A security analyst is required to collect detailed network traffic on a virtual machine. Which of the following tools could the analyst use?


  1. nbtstat
  2. WinDump
  3. fport
  4. netstat
Correct answer: D
Explanation:



Question 8

After a security breach, a security consultant is hired to perform a vulnerability assessment for a company’s web application. Which of the following tools would the consultant use?


  1. Nikto
  2. Kismet
  3. tcpdump
  4. Hydra
Correct answer: A
Explanation:
Reference: https://www.scnsoft.com/blog/network-vulnerability-assessment-guide
Reference: https://www.scnsoft.com/blog/network-vulnerability-assessment-guide



Question 9

When performing an investigation, a security analyst needs to extract information from text files in a Windows operating system. Which of the following commands should the security analyst use?


  1. findstr
  2. grep
  3. awk
  4. sigverif
Correct answer: C
Explanation:
Reference: https://books.google.com.pk/books?id=8qTxCAAAQBAJ&pg=PA6&lpg=PA6&dq=awk+extract+information+from+text+files+in+a+Windows+operating+system&source=bl&ots=mm7bH69viV&sig=ACfU3U2sg2lNmZXZW0FKQWctyfH89yAz3Q&hl=en&sa=X&ved=2ahUKEwiFioWCgbbpAhVFQBoKHavGAcUQ6AEwAHoECBQQAQ#v=onepage&q=awk%20extract%20information%20from%20text%20files%20in%20a%20Windows%20operating%20system&f=false
Reference: https://books.google.com.pk/books?id=8qTxCAAAQBAJ&pg=PA6&lpg=PA6&dq=awk+extract+information+from+text+files+in+a+Windows+operating+system&source=bl&ots=mm7bH69viV&sig=ACfU3U2sg2lNmZXZW0FKQWctyfH89yAz3Q&hl=en&sa=X&ved=2ahUKEwiFioWCgbbpAhVFQBoKHavGAcUQ6AEwAHoECBQQAQ#v=onepage&q=awk%20extract%20information%20from%20text%20files%20in%20a%20Windows%20operating%20system&f=false



Question 10

An organization recently suffered a breach due to a human resources administrator emailing employee names and Social Security numbers to a distribution list. 
Which of the following tools would help mitigate this risk from recurring? 


  1. Data loss prevention (DLP)
  2. Firewall
  3. Web proxy
  4. File integrity monitoring
Correct answer: A









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files