CFR-210無料問題集「Logical Operations CyberSec First Responder」

質問 1

A SOC analyst has been tasked with checking all files in every employee home directory for any mention
of a new product code named PitViper. Which of the following commands will return all requested data?

（A）grep -r -v "pitviper" /home

（B）grep -i "pitviper" /home

（C）grep -r -i "pitviper" /home

（D）grep -r "PitViper" /home

正解：B 解答を投票する

質問 2

Which of the following technologies is used as mitigation to XSS attacks?

（A）Intrusion detection

（B）Intrusion prevention

（C）Proxy filtering

（D）Web application firewall

正解：D 解答を投票する

質問 3

A forensics investigator has been assigned the task of investigating a system user for suspicion of using a
company-owned workstation to view unauthorized content. Which of the following would be a proper
course of action for the investigator to take?

（A）Notify the user that their workstation is being confiscated to perform an investigation, providing no
details as to the reasoning.

（B）Notify the user that the workstation is being confiscated to perform an investigation, providing complete
transparency as to the suspicions.

（C）Confiscate the workstation while the suspected employee is out of the office, and perform the search
on bit-for-bit image of the hard drive.

（D）Confiscate the workstation while the suspected employee is out of the office, and perform a search on
the asset.

正解：D 解答を投票する

質問 4

DRAG DROP
When perpetrating an attack, there are often a number of phases attackers will undertake, sometimes
taking place over a long period of time. Place the following phases in the correct chronological order from
first (1) to last (5).

正解：

質問 5

An incident responder is investigating a Linux server reported to be "behaving strangely". Which of the
following commands should the incident responder use to identify any users currently logged into the
system? (Choose two.)

（A）w

（B）id

（C）lastlog

（D）Is

（E）lsof

正解：A 解答を投票する

質問 6

An alert has been triggered identifying a new application running on a Windows server. Which of the
following tools can be used to identify the application? (Choose two.)

（A）nbstat

（B）Task manager

（C）Hex editor

（D）Process explorer

（E）traceroute

正解：B、D 解答を投票する

質問 7

Which of the following are reasons that a hacker would execute a DoS or a DDoS attack? (Choose two.)

（A）To distract the incident response team

（B）To distract the remediation team

（C）To promote business operations

（D）To determine network bandwidth

（E）To compromise a system and reuse the IP address

正解：A、D 解答を投票する

質問 8

A malicious actor sends a crafted email to the office manager using personal information collected from
social media. This type of social engineering attack is known as:

（A）spear phishing

（B）vishing

（C）phishing

（D）whaling

正解：C 解答を投票する

質問 9

DRAG DROP
Drag and drop the following steps in the correct order from first (1) to last (7) that a forensic expert would
follow based on data analysis in a Windows system.

正解：

質問 10

During a malware outbreak, a security analyst has been asked to capture network traffic in hourly
increments for analysis by the incident response team . Which of the following tcpdump commands would
generate hourly pcap files?

（A）tcpdump -nn -i eth0 -w output.pcap

（B）tcpdump -nn -i eth0 -w output.pcap -c 100 -W 10

（C）tcpdump -nn -i eth0 -w output.pcap -W 24

（D）tcpdump -nn -i eth0 -w output.pcap -G 3600 -W 14

正解：C 解答を投票する

CFR-210 無料問題集「Logical Operations CyberSec First Responder」

弊社を連絡する

関連リンク

トップ試験