CFR-210 무료 덤프문제 온라인 액세스

An attacker performs reconnaissance on a Chief Executive Officer (CEO) using publicity available
resources to gain access to the CEO's office. The attacker was in the CEO's office for less than five
minutes, and the attack left no traces in any logs, nor was there any readily identifiable cause for the
exploit. The attacker in then able to use numerous credentials belonging to the CEO to conduct a variety
of further attacks. Which of the following types of exploit is described?

• A.Keylogging
• B.Whaling
• C.Pivoting
• D.Malicious linking

An organization's public information website has been defaced. The incident response team is actively
engaged in the following actions:
-Installing patches on the web server
-Turning off unnecessary services on web server
-Adding new ACL rules to the WAF
-Changing all passwords on web server accounts
Which of the following incident response phases is the team MOST likely conducting?

• A.Contain
• B.Respond
• C.Identify
• D.Recover

A forensics analyst is analyzing an executable and thinks it may have some text of interest hidden within it.
Which of the following tools can the analyst use to assist in validating the suspicion?

• A.hex editor
• B.more
• C.lsof
• D.cat command

An analyst would like to search for a specific text string at the beginning of a line that begins with four
capital alphabetic characters. Which of the following search operators should be used?

• A./\b\w{4}\b
• B./B[A-Z]{4}\b\g
• C./\b[A-Z]{4}\g
• D./A\w{4}\b

Which of the following is the BEST way to capture all network traffic between hosts on a segmented
network?

• A.Protocol analyzer
• B.Firewall
• C.Router
• D.HIPS