[Jan 18, 2022] Free CertNexus Certification CFR-310 Official Cert Guide PDF Download [Q17-Q36]


CertNexus CFR-310 Official Cert Guide PDF

CertNexus CFR-310 Exam Syllabus Topics:

Topic Details
Topic 1
  • Compare and contrast various threats and classify threat profiles
  • Use regular expressions to parse log files and locate meaningful data
Topic 2
  • Given a scenario, use Windows tools to analyze incidents
  • Explain general mitigation methods and devices
Topic 3
  • Given a scenario, analyze common indicators of potential compromise
  • Explain the purpose and use of attack tools and techniques

 

NO.17 Which of the following is the GREATEST risk of having security information and event management (SIEM) collect computer names with older log entries?

 
 
 
 

NO.18 An administrator believes that a system on VLAN 12 is Address Resolution Protocol (ARP) poisoning clients on the network. The administrator attaches a system to VLAN 12 and uses Wireshark to capture traffic. After reviewing the capture file, the administrator finds no evidence of ARP poisoning. Which of the following actions should the administrator take next?

 
 
 
 

NO.19 A cybersecurity expert assigned to be the IT manager of a middle-sized company discovers that there is little endpoint security implementation on the company’s systems. Which of the following could be included in an endpoint security solution? (Choose two.)

 
 
 
 
 

NO.20 After successfully enumerating the target, the hacker determines that the victim is using a firewall. Which of the following techniques would allow the hacker to bypass the intrusion prevention system (IPS)?

 
 
 
 

NO.21 When tracing an attack to the point of origin, which of the following items is critical data to map layer 2 switching?

 
 
 
 

NO.22 Senior management has stated that antivirus software must be installed on all employee workstations.
Which of the following does this statement BEST describe?

 
 
 
 

NO.23 Which of the following is an automated password cracking technique that uses a combination of uppercase and lowercase letters, 0-9 numbers, and special characters?

 
 
 
 

NO.24 Organizations considered “covered entities” are required to adhere to which compliance requirement?

 
 
 
 

NO.25 An automatic vulnerability scan has been performed. Which is the next step of the vulnerability assessment process?

 
 
 
 

NO.26 According to Payment Card Industry Data Security Standard (PCI DSS) compliance requirements, an organization must retain logs for what length of time?

 
 
 
 

NO.27 To minimize vulnerability, which steps should an organization take before deploying a new Internet of Things (IoT) device? (Choose two.)

 
 
 
 
 

NO.28 Which common source of vulnerability should be addressed to BEST mitigate against URL redirection attacks?

 
 
 
 

NO.29 A Windows system administrator has received notification from a security analyst regarding new malware that executes under the process name of “armageddon.exe” along with a request to audit all department workstations for its presence. In the absence of GUI-based tools, what command could the administrator execute to complete this task?

 
 
 
 

NO.30 Which of the following is susceptible to a cache poisoning attack?

 
 
 
 

NO.31 When performing an investigation, a security analyst needs to extract information from text files in a Windows operating system. Which of the following commands should the security analyst use?

 
 
 
 

NO.32 An administrator believes that a system on VLAN 12 is Address Resolution Protocol (ARP) poisoning clients on the network. The administrator attaches a system to VLAN 12 and uses Wireshark to capture traffic. After reviewing the capture file, the administrator finds no evidence of ARP poisoning. Which of the following actions should the administrator take next?

 
 
 
 

NO.33 A common formula used to calculate risk is: _____________ + Threats + Vulnerabilities = Risk. Which of the following represents the missing factor in this formula?

 
 
 
 

NO.34 Network infrastructure has been scanned and the identified issues have been remediated. What is the next step in the vulnerability assessment process?

 
 
 
 

NO.35 A security administrator needs to review events from different systems located worldwide. Which of the following is MOST important to ensure that logs can be effectively correlated?

 
 
 
 

NO.36 According to company policy, all accounts with administrator privileges should have the suffix _ja. While reviewing Windows workstation configurations, a security administrator discovers an account without the suffix in the administrator’s group. Which of the following actions should the security administrator take?

 
 
 
 

Free CFR-310 Exam Dumps to Improve Exam Score: https://www.trainingdump.com/CertNexus/CFR-310-practice-exam-dumps.html
