Practice CFR-410 Exam Online

Question 1

Which asset would be the MOST desirable for a financially motivated attacker to obtain from a health insurance company?

A : Transaction logs

B : Intellectual property

C : PII/PHI

D : Network architecture

Answer: C

Question 2

As part of an organization’s regular maintenance activities, a security engineer visits the Internet Storm Center

advisory page to obtain the latest list of blacklisted host/network addresses. The security engineer does this to

perform which of the following activities?

A : Update the latest proxy access list

B : Monitor the organization’s network for suspicious traffic

C : Monitor the organization’s sensitive databases

D : Update access control list (ACL) rules for network devices

Answer: D

Question 3

After a hacker obtained a shell on a Linux box, the hacker then sends the exfiltrated data via Domain Name

System (DNS). This is an example of which type of data exfiltration?

A : Covert channels

B : File sharing services

C : Steganography

D : Rogue service

Answer: A

Question 4

While reviewing some audit logs, an analyst has identified consistent modifications to the sshd_config file for

an organization’s server. The analyst would like to investigate and compare contents of the current file with

archived versions of files that are saved weekly. Which of the following tools will be MOST effective during

the investigation?

A : cat * | cut –d ‘,’ –f 2,5,7

B : more * | grep

C : diff

D : sort *

Answer: C

Question 5

Which of the following, when exposed together, constitutes PII? (Choose two.)

A : Full name

B : Birth date

C : Account balance

D : Marital status

E : Employment status

Answer: A,C

CertNexus CFR-410