New Year Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

CFR-410 Questions and Answers

Question # 6

Which of the following is the GREATEST risk of having security information and event management (SIEM) collect computer names with older log entries?

A.

There may be duplicate computer names on the network.

B.

The computer name may not be admissible evidence in court.

C.

Domain Name System (DNS) records may have changed since the log was created.

D.

There may be field name duplication when combining log files.

Full Access
Question # 7

Which of the following does the command nmap –open 10.10.10.3 do?

A.

Execute a scan on a single host, returning only open ports.

B.

Execute a scan on a subnet, returning detailed information on open ports.

C.

Execute a scan on a subnet, returning all hosts with open ports.

D.

Execute a scan on a single host, returning open services.

Full Access
Question # 8

During which of the following attack phases might a request sent to port 1433 over a whole company network be seen within a log?

A.

Reconnaissance

B.

Scanning

C.

Gaining access

D.

Persistence

Full Access
Question # 9

Organizations considered “covered entities” are required to adhere to which compliance requirement?

A.

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

B.

Payment Card Industry Data Security Standard (PCI DSS)

C.

Sarbanes-Oxley Act (SOX)

D.

International Organization for Standardization (ISO) 27001

Full Access
Question # 10

After successfully enumerating the target, the hacker determines that the victim is using a firewall. Which of the following techniques would allow the hacker to bypass the intrusion prevention system (IPS)?

A.

Stealth scanning

B.

Xmas scanning

C.

FINS scanning

D.

Port scanning

Full Access
Question # 11

Tcpdump is a tool that can be used to detect which of the following indicators of compromise?

A.

Unusual network traffic

B.

Unknown open ports

C.

Poor network performance

D.

Unknown use of protocols

Full Access
Question # 12

During which phase of a vulnerability assessment would a security consultant need to document a requirement to retain a legacy device that is no longer supported and cannot be taken offline?

A.

Conducting post-assessment tasks

B.

Determining scope

C.

Identifying critical assets

D.

Performing a vulnerability scan

Full Access
Question # 13

A company has noticed a trend of attackers gaining access to corporate mailboxes. Which of the following

would be the BEST action to take to plan for this kind of attack in the future?

A.

Scanning email server for vulnerabilities

B.

Conducting security awareness training

C.

Hardening the Microsoft Exchange Server

D.

Auditing account password complexity

Full Access
Question # 14

Which of the following, when exposed together, constitutes PII? (Choose two.)

A.

Full name

B.

Birth date

C.

Account balance

D.

Marital status

E.

Employment status

Full Access
Question # 15

While planning a vulnerability assessment on a computer network, which of the following is essential? (Choose two.)

A.

Identifying exposures

B.

Identifying critical assets

C.

Establishing scope

D.

Running scanning tools

E.

Installing antivirus software

Full Access