CFR-210 Logical Operations CyberSec First Responder Questions and Answers

A system administrator is informed that a user received an email containing a suspicious attachment. Which of the following methods is the FASTEST way to determine whether the file is suspicious or not?

Customers are reporting issues connecting to a company’s Internet server. Which of the following device logs should a technician review in order to help identify the issue?

An incident responder is investigating a Linux server reported to be “behaving strangely”. Which of the following commands should the incident responder use to identify any users currently logged into the system? (Choose two.)

A security professional has been tasked with the protection of a specific set of information essential to a corporation’s livelihood, the exposure of which could cost the company billions of dollars in long-term revenue. The professional is interested in obtaining advice for preventing the theft of this type of information. Which of the following is the BEST resource for finding this material?

When investigating a wireless attack, which of the following can be obtained from the DHCP server?

While a network administrator is monitoring the company network, an unknown local IP address is starting to release high volumes of anonymous traffic to an unknown external IP address. Which of the following would indicate to the network administrator potential compromise?

A network administrator has been asked to configure a new network. It is the company’s policy to segregate network functions using different Virtual LANs (VLANs). On which of the following is this configuration MOST likely to occur?

Which of the following tools can be used to identify open ports and services?

Which of the following mitigations will remain intact, regardless of the underlying network protocol?

An organization needs to determine of any systems on its network (10.0.25.0/24) have web services running on port 80 or 443. Which of the following is the BEST command to do this?

Which of the following resources BEST supports malware analysis?

An incident responder suspects that a host behind a firewall is infected with malware. Which of the following should the responder use to find the IP address of the infected machine?