CFR-410試験無料問題集（182題）「CertNexus CyberSec First Responder 認定」

出題：1

Which of the following are common areas of vulnerabilities in a network switch? (Choose two.)

A. Default encryption

B. Default protocols

C. Default IP address

D. Default port state

E. Default credentials

正解：D,E 解答を投票する

出題：2

A company that maintains a public city infrastructure was breached and information about future city projects was leaked. After the post-incident phase of the process has been completed, which of the following would be PRIMARY focus of the incident response team?

A. Contact the city police for official investigation.

B. Restore service and eliminate the business impact.

C. Determine effective policy changes.

D. Inform the company board about the incident.

正解：C 解答を投票する

出題：3

A security analyst is required to collect detailed network traffic on a virtual machine. Which of the following tools could the analyst use?

A. WinDump

B. nbtstat

C. fport

D. netstat

正解：D 解答を投票する

出題：4

Which answer option is a tactic of social engineering in which an attacker engages in an attack performed by phone?

A. Smishing

B. Vishing

C. Phishing

D. Pretexting

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

What is the primary role of an intrusion detection system (IDS) on a network?

A. Blocking malicious packets

B. Detection of network vulnerabilities

C. Detection of possible threats

D. Detection of system failures

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

To minimize vulnerability, which steps should an organization take before deploying a new Internet of Things (IoT) device? (Choose two.)

A. Setting up new users

B. Disabling IPv6

C. Changing the default password

D. Updating the device firmware

E. Enabling the firewall

正解：D,E 解答を投票する

出題：7

An incident responder has collected network capture logs in a text file, separated by five or more data fields.
Which of the following is the BEST command to use if the responder would like to print the file (to terminal/ screen) in numerical order?

A. cat | tac

B. more

C. less

D. sort -n

正解：D 解答を投票する

出題：8

Which two answer options correctly highlight the difference between static and dynamic binary analysis techniques? (Choose two.)

A. Static analysis tells everything the program can do. and dynamic analysis tells exactly what the program does when it is executed in a given environment and with a particular input.

B. Dynamic analysis tells everything the program can do. and static analysis tells exactly what the program does when it is executed in a given environment and with a particular input.

C. Dynamic analysis examines the binary without executing it, while static analysis executes the program and observes its behavior.

D. Static analysis examines the binary without executing it. while dynamic analysis executes the program and observes its behavior.

正解：A,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

A security administrator is investigating a compromised host. Which of the following commands could the investigator use to display executing processes in real time?

A. ps

B. nice

C. pstree

D. top

正解：D 解答を投票する

出題：10

After successfully enumerating the target, the hacker determines that the victim is using a firewall. Which of the following techniques would allow the hacker to bypass the intrusion prevention system (IPS)?

A. FINS scanning

B. Stealth scanning

C. Port scanning

D. Xmas scanning

正解：A 解答を投票する

CFR-410試験無料問題集「CertNexus CyberSec First Responder 認定」