CertNexus CyberSec First Responder - CFR-410 Exam Practice Test

Question 1
A digital forensics investigation requires analysis of a compromised system's physical memory. Which of the following tools should the forensics analyst use to complete this task?

Correct Answer: B
Question 2
Which of the following attack vectors capitalizes on a previously undisclosed issue with a software application?

Correct Answer: A
Question 3
A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also establishing a connection to IP 88.143.12.123. Which of the following commands should the administrator use to capture only the traffic between the two hosts?

Correct Answer: B
Question 4
What is the primary role of an intrusion detection system (IDS) on a network?

Correct Answer: C
Question 5
An automatic vulnerability scan has been performed. Which is the next step of the vulnerability assessment process?

Correct Answer: A
Question 6
As part of an organization's regular maintenance activities, a security engineer visits the Internet Storm Center advisory page to obtain the latest list of blacklisted host/network addresses. The security engineer does this to perform which of the following activities?

Correct Answer: C
Question 7
Which of the following, when exposed together, constitute PII? (Choose two.)

Correct Answer: C,E
Question 8
A company has noticed a trend of attackers gaining access to corporate mailboxes. Which of the following would be the BEST action to take to plan for this kind of attack in the future?

Correct Answer: B
Question 9
ABC Company uses technical compliance tests to verify that its IT systems are configured according to organizational information security policies, standards, and guidelines. Which two tools and controls can ABC Company use to verify that its IT systems are configured accordingly? (Choose two.)

Correct Answer: B,D
Question 10
Which of the following could be useful to an organization that wants to test its incident response procedures without risking any system downtime?

Correct Answer: C
Question 11
Which of the following is an automated password cracking technique that uses a combination of uppercase and lowercase letters, 0-9 numbers, and special characters?

Correct Answer: D
Question 12
A security operations center (SOC) analyst observed an unusually high number of login failures on a particular database server. The analyst wants to gather supporting evidence before escalating the observation to management. Which of the following expressions will provide login failure data for 11/24/2015?

Correct Answer: A
Question 13
Which of the following is a social engineering tactic in which an attacker engages in temptation or promise of a good or service?

Correct Answer: A
Question 14
Which of the following types of digital evidence is considered the MOST volatile?

Correct Answer: C
Question 15
Which of the following is the GREATEST risk of having security information and event management (SIEM) collect computer names with older log entries?

Correct Answer: C