Pass the Logical Operations CyberSec First Responder CFR-210 Questions and answers with ExamsMirror

Viewing page 1 out of 3 pages
Viewing questions 1-10 out of questions
Questions # 1:

Click the exhibit button. Which of the following Windows tools is executed?

Options:

A. nmap

B. netstat

C. tracert

D. traceroute

Questions # 2:

Which of the following is an automated password cracking technique that uses a combination of upper and lower case letters, 0-9 numbers, and special characters?

Options:

A. Dictionary attack

B. Password guessing

C. Brute force attack

D. Rainbow tables

Questions # 3:

An analyst would like to search for a specific text string at the beginning of a line that begins with four capital alphabetic characters. Which of the following search operators should be used?

Options:

A. /\b\w{4}\b

B. /\b[A-Z]{4}\g

C. /^\w{4}\b

D. /B[A-Z]{4}\b\g

Questions # 4:

Which of the following resources BEST supports malware analysis?

Options:

A. Internet service providers

B. Government websites

C. Crowdsourced intelligence feed

D. Internal network management team

Questions # 5:

An organization’s firewall has recently been bombarded with an excessive amount of failed requests. A security analyst has been tasked with providing metrics on any failed attempts to ports above 1000. Which of the following regular expressions will work BEST to identify an IP address with the desired port range?

Options:

A. /\b^(?\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):({4,5}\d+)\b/

B. /\b^(?\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):([4]\D+)\b/

C. /\b^(?\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):([4]\d+)\b/

D. /\b^(?\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):(\d{1,5})\b/

Questions # 6:

Log review shows that large amounts of data are being sent to an IP address unassociated with the company. Which of the following mitigation techniques should be implemented?

Options:

A. DNS filtering

B. System hardening

C. Proxy

D. IPS

Questions # 7:

An outside organization has reported to the Chief Information Officer (CIO) of a company that it has received an attack from a Linux system in the company’s DMZ. Which of the following commands should an incident responder use to review a list of currently running programs on the potentially compromised system?

Options:

A. task manager

B. tlist

C. who

D. top

Questions # 8:

During the identification phase, it is discovered that port 23 is being used maliciously. Which of the following system hardening techniques should be used to remediate the issue?

Options:

A. Disable unnecessary services

B. Patch the system

C. Configure blackhole routing

D. Configure DNS filtering

Questions # 9:

Which of the following enables security personnel to have the BEST security incident recovery practices?

Options:

A. Crisis communication plan

B. Disaster recovery plan

C. Occupant emergency plan

D. Cyber incident response plan

Questions # 10:

A suspicious laptop is found in a datacenter. The laptop is on and processing data, although there is no application open on the screen. Which of the following BEST describes a Windows tool and technique that an investigator should use to analyze the laptop’s RAM for working applications?

Options:

A. Net start and Network analysis

B. Regedit and Registry analysis

C. Task manager and Application analysis

D. Volatility and Memory analysis
