Latest Logical Operations CyberSec First Responder - CFR-210 free exam questions
Click the exhibit button. Which of the following Windows tools is executed?


Correct answer: B
An alert has been triggered identifying a new application running on a Windows server. Which of the
following tools can be used to identify the application? (Choose two.)
Correct answer: A,D
A malicious actor sends a crafted email to the office manager using personal information collected from
social media. This type of social engineering attack is known as:
Correct answer: B
Click the exhibit button. After reviewing captured network traffic logs, a security auditor suspects a
violation of the organization's computer use policy. Which of the following is the likely indicator of the
violation?


Correct answer: B
An incident responder is asked to create a disk image of a compromised Linux server. Which of the
following commands should be used to do this?
Correct answer: B
A system administrator is informed that a user received an email containing a suspicious attachment.
Which of the following methods is the FASTEST way to determine whether the file is suspicious or not?
Correct answer: B
During the identification phase, it is discovered that port 23 is being used maliciously. Which of the
following system hardening techniques should be used to remediate the issue?
Correct answer: A
An attacker performs reconnaissance on a Chief Executive Officer (CEO) using publicly available
resources to gain access to the CEO's office. The attacker was in the CEO's office for less than five
minutes, and the attack left no traces in any logs, nor was there any readily identifiable cause for the
exploit. The attacker is then able to use numerous credentials belonging to the CEO to conduct a variety
of further attacks. Which of the following types of exploit is described?
Correct answer: D
Which of the following are legally compliant forensics applications that will detect ADS or a file with an
incorrect file extension? (Choose two.)
Correct answer: D,E
DRAG DROP
When perpetrating an attack, there are often a number of phases attackers will undertake, sometimes
taking place over a long period of time. Place the following phases in the correct chronological order from
first (1) to last (5).

Correct answer:
