Pass the Logical Operations CyberSec First Responder CFR-210 Questions and answers with CertsForce

Viewing page 2 out of 3 pages
Viewing questions 11-20 out of questions
Questions # 11:

Network engineering has reported low bandwidth during working hours. The incident response team is currently investigating several anomalous activities that may be related. Which of the following is the MOST appropriate method to further investigate this problem?

Options:

A. Collecting and analyzing computer logs
B. Imaging hard disk drives of computers on the network
C. Capturing network traffic and packet analysis
D. Penetration testing and port scanning

Questions # 12:

A forensics investigator has been assigned the task of investigating a system user for suspicion of using a company-owned workstation to view unauthorized content. Which of the following would be a proper course of action for the investigator to take?

Options:

A. Notify the user that their workstation is being confiscated to perform an investigation, providing no details as to the reasoning.
B. Confiscate the workstation while the suspected employee is out of the office, and perform a search on the asset.
C. Confiscate the workstation while the suspected employee is out of the office, and perform the search on a bit-for-bit image of the hard drive.
D. Notify the user that the workstation is being confiscated to perform an investigation, providing complete transparency as to the suspicions.

Questions # 13:

A hacker’s end goal is to target the Chief Financial Officer (CFO) of a bank. Which of the following describes this social engineering tactic?

Options:

A. Vishing
B. Pharming
C. Spear phishing
D. Whaling

Questions # 14:

Which of the following is an automated password cracking technique that uses a combination of upper and lower case letters, 0-9 numbers, and special characters?

Options:

A. Dictionary attack
B. Password guessing
C. Brute force attack
D. Rainbow tables

Questions # 15:

A file is discovered in the /etc directory of an internal server by an automated file integrity checker. A security analyst determines the file is a bash script. The contents are as follows:

---
#!/bin/bash
IFS=:
[[ -f /etc/passwd ]] && cat /etc/passwd |
while read a b c d e f g
do
    echo "$e ($a)"
done
---

Which of the following was the author of the script attempting to gather?

Options:

A. Home directory and shell
B. Username and password hash
C. User’s name and username
D. UID and GID

Questions # 16:

Which of the following are reasons that a hacker would execute a DoS or a DDoS attack? (Choose two.)

Options:

A. To determine network bandwidth
B. To distract the incident response team
C. To distract the remediation team
D. To promote business operations
E. To compromise a system and reuse the IP address

Questions # 17:

An incident responder suspects that a host behind a firewall is infected with malware. Which of the following should the responder use to find the IP address of the infected machine?

Options:

A. NAT table
B. ARP cache
C. DNS cache
D. CAM table

Questions # 18:

An incident responder is asked to work with the IT department to address patch management issues with the company servers. Which of the following is the BEST source for the incident responder to obtain the CVEs for the latest industry-recognized patches?

Options:

A. Vulnerabilities database
B. Intelligence feeds
C. Security journals
D. Security blogs

Questions # 19:

Which of the following techniques allows probing firewall rule sets and finding entry points into a targeted system or network?

Options:

A. Distributed checksum clearinghouse
B. Firewall fingerprinting
C. Network enumeration
D. Packet crafting

Questions # 20:

An analyst would like to search for a specific text string at the beginning of a line that begins with four capital alphabetic characters. Which of the following search operators should be used?

Options:

A. /\b\w{4}\b
B. /\b[A-Z]{4}\g
C. /^\w{4}\b
D. /B[A-Z]{4}\b\g
