
Ace the Logical Operations CFR-210 Exam: Ultimate Preparation Guide

Question 1

An alert has been triggered identifying a new application running on a Windows server. Which of the following tools can be used to identify the application? (Choose two.)

Options:
A. traceroute
B. nbstat
C. Hex editor
D. Task manager
E. Process explorer

Question 2

An incident responder suspects that a host behind a firewall is infected with malware. Which of the following should the responder use to find the IP address of the infected machine?

Options:
A. NAT table
B. ARP cache
C. DNS cache
D. CAM cable

Question 3

A DMZ web server has been compromised. During the log review, the incident responder wants to parse all common internal Class A addresses from the log. Which of the following commands should the responder use to accomplish this?

Options:
A. grep -x"(10.[0-9]+.[0-9]+.[0-9]+)" etc/rc.d/apache2/access.log | output.txt
B. grep -x"(192.168.[0.9]+[0-9])" bin/apache2/access.log | output.txt
C. grep -v"(10.[0-9]+.[0-9]+.[0-9]+)" /var/log/apache2/access.log > output.txt
D. grep -v"(192.168.[0.9]+[0-9]+)" /var/log/apache2/access.log > output.txt

Question 4

Click the exhibit button. After reviewing captured network traffic logs, a security auditor suspects a violation of the organization’s computer use policy. Which of the following is the likely indicator of the violation?

[Exhibit: CFR-210 Question 4]

Options:
A. Unauthorized programs
B. Malicious software
C. Service disruption
D. Registry entries
E. New user account

Question 5

Malicious code that can replicate itself using various techniques is referred to as a:

Options:
A. downloader
B. rootkit
C. launcher
D. worm

Question 6

A suspicious laptop is found in a datacenter. The laptop is on and processing data, although there is no application open on the screen. Which of the following BEST describes a Windows tool and technique that an investigator should use to analyze the laptop’s RAM for working applications?

Options:
A. Net start and Network analysis
B. Regedit and Registry analysis
C. Task manager and Application analysis
D. Volatility and Memory analysis

Question 7

A malicious actor sends a crafted email to the office manager using personal information collected from social media. This type of social engineering attack is known as:

Options:
A. spear phishing
B. vishing
C. phishing
D. whaling

Question 8

Which of the following are reasons that a hacker would execute a DoS or a DDoS attack? (Choose two.)

Options:
A. To determine network bandwidth
B. To distract the incident response team
C. To distract the remediation team
D. To promote business operations
E. To compromise a system and reuse the IP address

Question 9

During review of a company’s web server logs, the following items are discovered:

2015-03-01 03:32:11 www.example.com/index.asp?id=-999 or 1=convert(int,@@version)--

2015-03-01 03:35:33 www.example.com/index.asp?id=-999 or 1=convert(int,db_name())--

2015-03-01 03:38:25 www.example.com/index.asp?id=-999 or 1=convert(int,user_name())--

Which of the following is depicted in the log example above?

Options:
A. An administrator using the web interface for application maintenance
B. Normal web application traffic
C. A web application scan
D. An attempt at enumeration via SQL injection

Question 10

To redact or obfuscate sensitive data, a company requires its name be changed throughout a post-incident report. Using a Linux sed command, which of the following will replace the company’s name with “Acme”?

Options:
A. /Orange/Acme/g
B. s/Acme/Orange/g
C. /Acme/Orange/g
D. s/Orange/Acme/g

Exam Code: CFR-210
Certification Provider: Logical Operations
Exam Name: Logical Operations CyberSec First Responder
Last Update: Jan 19, 2025
Questions: 100
