Download CertNexus.CFR-310.NewDumps.2020-12-21.100q.tqb

Download Exam

File Info

Exam CertNexus CyberSec First Responder
Number CFR-310
File Name CertNexus.CFR-310.NewDumps.2020-12-21.100q.tqb
Size 362 KB
Posted Dec 21, 2020
Download CertNexus.CFR-310.NewDumps.2020-12-21.100q.tqb

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

A network security analyst has noticed a flood of Simple Mail Transfer Protocol (SMTP) traffic to internal clients. SMTP traffic should only be allowed to email servers.  
Which of the following commands would stop this attack? (Choose two.)


  1. iptables -A INPUT -p tcp dport 25 -d x.x.x.x -j ACCEPT
  2. iptables -A INPUT -p tcp sport 25 -d x.x.x.x -j ACCEPT
  3. iptables -A INPUT -p tcp dport 25 -j DROP
  4. iptables -A INPUT -p tcp destination-port 21 -j DROP
  5. iptables -A FORWARD -p tcp dport 6881:6889 -j DROP
Correct answer: AC



Question 2

A secretary receives an email from a friend with a picture of a kitten in it. The secretary forwards it to the ~COMPANYWIDE mailing list and, shortly thereafter, users across the company receive the following message:
"You seem tense. Take a deep breath and relax!" 
The incident response team is activated and opens the picture in a virtual machine to test it. After a short analysis, the following code is found in C:\Temp\chill.exe:Powershell.exe Command "do {(for /L %i in (2,1,254) do shutdown /r /m Error! Hyperlink reference not valid.> /f /t / 0 (/c "You seem tense. Take a deep breath and relax!");Start- Sleep s 900) } while(1)" 
Which of the following BEST represents what the attacker was trying to accomplish?


  1. Taunt the user and then trigger a shutdown every 15 minutes.
  2. Taunt the user and then trigger a reboot every 15 minutes.
  3. Taunt the user and then trigger a shutdown every 900 minutes.
  4. Taunt the user and then trigger a reboot every 900 minutes.
Correct answer: B
Explanation:



Question 3

A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also establishing a connection to IP 88.143.12.123. Which of the following commands should the administrator use to capture only the traffic between the two hosts?


  1. # tcpdump -i eth0 host 88.143.12.123
  2. # tcpdump -i eth0 dst 88.143.12.123
  3. # tcpdump -i eth0 host 192.168.10.121
  4. # tcpdump -i eth0 src 88.143.12.123
Correct answer: B









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files