CFR-410 by CertNexus Actual Free Exam Questions And Answers

Question 1

While performing routing maintenance on a Windows Server, a technician notices several unapproved Windows Updates and that remote access software has been installed. The technician suspects that a malicious actor has gained access to the system. Which of the following steps in the attack process does this activity indicate?

A. Scanning

B. Expanding access

C. Persistence

D. Covering tracks

Discussion 0

Correct Answer: B Vote an answer

Question 2

Which three of the following are included in encryption architecture? (Choose three.)

A. Certificate

B. Encryption engine

C. Data

D. Encryption keys

E. Database encryption

Discussion 0

Correct Answer: A,B,D Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 3

Network infrastructure has been scanned and the identified issues have been remediated. What is the next step in the vulnerability assessment process?

A. Generating reports

B. Assessing exposures

C. Conducting an audit

D. Establishing scope

Discussion 0

Correct Answer: C Vote an answer

Question 4

What allows a company to restore normal business operations in a matter of minutes or seconds?

A. Hot site

B. Mobile site

C. Cold site

D. Warm site

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 5

Which three tools are used for integrity verification of files? (Choose three.)

A. ent

B. sha256sum

C. md5sum

D. md5deep

E. pgp32

Discussion 0

Correct Answer: B,C,D Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 6

The statement of applicability (SOA) document forms a fundamental part of which framework?

A. HIPAA

B. Generally Accepted Privacy Principles (GAPP)

C. ISO/IEC 27000 series

D. NIST Privacy Framework

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 7

An incident at a government agency has occurred and the following actions were taken:
-Users have regained access to email accounts
-Temporary VPN services have been removed
-Host-based intrusion prevention system (HIPS) and antivirus (AV) signatures have been updated
-Temporary email servers have been decommissioned
Which of the following phases of the incident response process match the actions taken?

A. Post-incident

B. Containment

C. Identification

D. Recovery

Discussion 0

Correct Answer: B Vote an answer

Question 8

What is the definition of a security breach?

A. An event or series of correlated events that indicate a potential violation of some control or policy.

B. An event or series of uncorrelated events that indicate a potential violation of some control or policy has occurred.

C. Unauthorized access that violates the confidentiality, integrity, or availability of an information asset in the form of unintentional access, destruction, or manipulation of an information asset.

D. Unauthorized access that violates the authentication, authorization, and accounting of an information asset through intentional access, destruction, or manipulation of an information asset.

Discussion 0

Correct Answer: D Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 9

To minimize vulnerability, which steps should an organization take before deploying a new Internet of Things (IoT) device? (Choose two.)

A. Enabling the firewall

B. Updating the device firmware

C. Changing the default password

D. Disabling IPv6

E. Setting up new users

Discussion 0

Correct Answer: A,B Vote an answer

Question 10

An organization that recently suffered a ransomware attack found that its backups were faulty. Which of the following steps could BEST ensure reliable backups in the future?

A. Implementing periodic tests of backups.

B. Backing up all data to solid-state storage.

C. Storing backups at an offsite location.

D. Conducting a full asset inventory assessment.

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 11

The Key Reinstallation Attack (KRACK) vulnerability is specific to which types of devices? (Choose two.)

A. Wireless router

B. Access point

C. Firewall

D. Switch

E. Hub

Discussion 0

Correct Answer: A,E Vote an answer

Question 12

A company that maintains a public city infrastructure was breached and information about future city projects was leaked. After the post-incident phase of the process has been completed, which of the following would be PRIMARY focus of the incident response team?

A. Restore service and eliminate the business impact.

B. Inform the company board about the incident.

C. Contact the city police for official investigation.

D. Determine effective policy changes.

Discussion 0

Correct Answer: D Vote an answer

Question 13

Which of the following security best practices should a web developer reference when developing a new web- based application?

A. Open Web Application Security Project (OWASP)

B. Control Objectives for Information and Related Technology (COBIT)

C. World Wide Web Consortium (W3C)

D. Risk Management Framework (RMF)

Discussion 0

Correct Answer: A Vote an answer

CertNexus CyberSec First Responder - CFR-410 Exam Practice Test

Contact Us

Useful Links

Latest Updated