CertNexus CFR-410 Practice Test

Exam Title: CyberSec First Responder

Last update: Nov 27, 2025
Question 1

A cybersecurity expert assigned to be the IT manager of a middle-sized company discovers that there
is little endpoint security implementation on the company’s systems. Which of the following could
be included in an endpoint security solution? (Choose two.)

  • A. Web proxy
  • B. Network monitoring system
  • C. Data loss prevention (DLP)
  • D. Anti-malware
  • E. Network Address Translation (NAT)
Answer:

AB


Question 2

During a security investigation, a suspicious Linux laptop is found in the server room. The laptop is
processing information and indicating network activity. The investigator is preparing to launch an
investigation to determine what is happening with this laptop. Which of the following is the MOST
appropriate set of Linux commands that should be executed to conduct the investigation?

  • A. iperf, traceroute, whois, ls, chown, cat
  • B. iperf, wget, traceroute, dc3dd, ls, whois
  • C. lsof, chmod, nano, whois, chown, ls
  • D. lsof, ifconfig, who, ps, ls, tcpdump
Answer:

B


Question 3

A security analyst is required to collect detailed network traffic on a virtual machine. Which of the
following tools could the analyst use?

  • A. nbtstat
  • B. WinDump
  • C. fport
  • D. netstat
Answer:

D


Question 4

After a security breach, a security consultant is hired to perform a vulnerability assessment for a
company’s web application. Which of the following tools would the consultant use?

  • A. Nikto
  • B. Kismet
  • C. tcpdump
  • D. Hydra
Answer:

A


Explanation:
Reference: https://www.scnsoft.com/blog/network-vulnerability-assessment-guide

Question 5

When performing an investigation, a security analyst needs to extract information from text files in a
Windows operating system. Which of the following commands should the security analyst use?

  • A. findstr
  • B. grep
  • C. awk
  • D. sigverif
Answer:

C


Question 6

Which of the following does the command nmap --open 10.10.10.3 do?

  • A. Execute a scan on a single host, returning only open ports.
  • B. Execute a scan on a subnet, returning detailed information on open ports.
  • C. Execute a scan on a subnet, returning all hosts with open ports.
  • D. Execute a scan on a single host, returning open services.
Answer:

D


Question 7

A web server is under a denial of service (DoS) attack. The administrator reviews logs and creates an
access control list (ACL) to stop the attack. Which of the following technologies could perform these
steps automatically in the future?

  • A. Intrusion prevention system (IPS)
  • B. Intrusion detection system (IDS)
  • C. Blacklisting
  • D. Whitelisting
Answer:

B


Explanation:
Reference: https://www.ciscopress.com/articles/article.asp?p=345618

Question 8

An organization recently suffered a breach due to a human resources administrator emailing
employee names and Social Security numbers to a distribution list. Which of the following tools
would help mitigate this risk from recurring?

  • A. Data loss prevention (DLP)
  • B. Firewall
  • C. Web proxy
  • D. File integrity monitoring
Answer:

A


Question 9

An incident responder was asked to analyze malicious traffic. Which of the following tools would be
BEST for this?

  • A. Hex editor
  • B. tcpdump
  • C. Wireshark
  • D. Snort
Answer:

C


Explanation:
Reference: https://resources.infosecinstitute.com/category/certifications-training/network-traffic-analysis-for-incident-response/threat-intelligence-collection-and-analysis/analyzing-fileless-malware/#gref

Question 10

A network administrator has determined that network performance has degraded due to excessive
use of social media and Internet streaming services. Which of the following would be effective for
limiting access to these types of services, without completely restricting access to a site?

  • A. Whitelisting
  • B. Web content filtering
  • C. Network segmentation
  • D. Blacklisting
Answer:

B


Explanation:
Reference: https://umbrella.cisco.com/solutions/web-content-filtering

Viewing questions 1-10 out of 180