CFR-210試験無料問題集（100題）「Logical Operations CyberSec First Responder 認定」

出題：1

A computer attacker has compromised a system by implanting a script that will send 10B packages over
port 150. This port is also used for sending heartbeat messages to a central monitoring server.
Which of the following BEST describes the tactic used to execute this attack?

A. Backdoors

B. Logic bomb

C. ICMP redirect

D. Covert channels

正解：D 解答を投票する

出題：2

A malicious attacker has compromised a database by implementing a Python-based script that will automatically establish an SSH connection daily between the hours of 2:00am and 5:00am.
Which of the following is the MOST common motive for the attack vector that was used?

A. Lateral movement

B. Persistence/maintaining access

C. Pivoting

D. Exfiltration

正解：A 解答を投票する

出題：3

A company website was hacked via the SQL query below:

Which of the following did the hackers perform?

A. Performed an XSS attack

B. Deleted the email password and login details

C. Cleared tracks of [email protected] entries

D. Deleted the entire members table

正解：A 解答を投票する

出題：4

An alert has been triggered identifying a new application running on a Windows server. Which of the
following tools can be used to identify the application? (Choose two.)

A. traceroute

B. Task manager

C. nbstat

D. Hex editor

E. Process explorer

正解：B,E 解答を投票する

出題：5

A security analyst for a financial services firm is monitoring blogs and reads about a zero-day vulnerability
being exploited by a little-known group of hackers. The analyst wishes to independently validate and
corroborate the blog's posting. Which of the following sources of information will provide the MOST
credible supporting threat intelligence in this situation?

A. Computer emergency response team press release

B. Similar cybersecurity blogs

C. Threat intelligence sharing groups

D. Internet searches on zero-day exploits

正解：A 解答を投票する

出題：6

As part of an incident response effort, data has been collected and analyzed, and a malware infection has
been contained . Which of the following is the NEXT step the incident response team should take within
the incident response process?

A. Ensure every instance of the malware has been removed across the organization.

B. Begin recovering all infected systems to return the organization to normal operations as soon as
possible.

C. Start writing the report to ensure a quality product is delivered by the end of the project.

D. Discuss lessons learned before proceeding with other steps.

正解：A 解答を投票する

出題：7

A suspicious laptop is found in a datacenter. The laptop is on and processing data, although there is no application open on the screen.
Which of the following BEST describes a Windows tool and technique that an investigator should use to analyze the laptop's RAM for working applications?

A. Task manager and Application analysis

B. Net start and Network analysis

C. Volatility and Memory analysis

D. Regedit and Registry analysis

正解：D 解答を投票する

出題：8

An organization needs to determine of any systems on its network (10.0.25.0/24) have web services
running on port 80 or 443. Which of the following is the BEST command to do this?

A. netstat -v 80,443 10.0.25.0/24

B. nmap -p 80,443 10.0.25.0/24

C. nmap -v 80,443 10.0.25.0/24

D. netstat -p 80-443 10.0.25.0/24

正解：A 解答を投票する

出題：9

Which of the following can hackers use to gain access to a system over the network without knowing the
actual password?

A. User enumeration

B. Port scanning

C. Pass the hash

D. Password cracking

正解：D 解答を投票する

出題：10

A security analyst discovers a zero-day vulnerability affecting Windows, which has not been publicly
identified. The security analyst assumes this vulnerability is present on millions of computer system and
feels an obligation to share this information with other security professionals. Which of the following would
be the MOST adverse consequences of the analyst sharing this information?

A. Public exposure of the vulnerability, including to potential attackers

B. Unexpected media coverage of the discovery

C. Possible legal consequences for the analyst

D. Potential distribution of misinformation

正解：A 解答を投票する

CFR-210試験無料問題集「Logical Operations CyberSec First Responder 認定」