CFR-410 Sample Questions Answers

In which of the following attack phases would an attacker use Shodan?

When performing an investigation, a security analyst needs to extract information from text files in a Windows operating system. Which of the following commands should the security analyst use?

A user receives an email about an unfamiliar bank transaction, which includes a link. When clicked, the link redirects the user to a web page that looks exactly like their bank’s website and asks them to log in with their username and password. Which type of attack is this?

Network infrastructure has been scanned and the identified issues have been remediated. What is the next step in the vulnerability assessment process?

Which of the following are well-known methods that are used to protect evidence during the forensics process? (Choose three.)

A company website was hacked via the following SQL query:

email, passwd, login_id, full_name FROM members

WHERE email = “attacker@somewhere.com”; DROP TABLE members; –”

Which of the following did the hackers perform?

Which of the following enables security personnel to have the BEST security incident recovery practices?

As part of an organization’s regular maintenance activities, a security engineer visits the Internet Storm Center advisory page to obtain the latest list of blacklisted host/network addresses. The security engineer does this to perform which of the following activities?

Which of the following characteristics of a web proxy strengthens cybersecurity? (Choose two.)

Nmap is a tool most commonly used to:

An incident handler is assigned to initiate an incident response for a complex network that has been affected

by malware. Which of the following actions should be taken FIRST?

Which of the following is susceptible to a cache poisoning attack?