CFR-310 Dumps CFR-310 Braindumps

CFR-310 Real Questions CFR-310 Practice Test CFR-310 Actual Questions


killexams.com CertNexus CFR-310


CyberSec First Responder


https://killexams.com/pass4sure/exam-detail/CFR-310

QUESTION 92

Which of the following are part of the hardening phase of the vulnerability assessment process? (Choose two.)

  1. Installing patches

  2. Updating configurations

  3. Documenting exceptions

  4. Conducting audits

  5. Generating reports


Correct Answer: AB


QUESTION 93 To minimize vulnerability, which steps should an organization take before deploying a new Internet of Things (IoT) device? (Choose two.)


  1. Changing the default password

  2. Updating the device firmware

  3. Setting up new users

  4. Disabling IPv6

  5. Enabling the firewall


Correct Answer: BE


QUESTION 94 The Key Reinstallation Attack (KRACK) vulnerability is specific to which types of devices? (Choose two.)


  1. Wireless router

  2. Switch

  3. Firewall

  4. Access point

  5. Hub


Correct Answer: AE


Reference: https://www.kaspersky.com/blog/krackattack/19798/


QUESTION 95 While planning a vulnerability assessment on a computer network, which of the following is essential? (Choose two.)


  1. Identifying exposures

  2. Identifying critical assets

  3. Establishing scope

  4. Running scanning tools

  5. Installing antivirus software


Correct Answer: AC


QUESTION 96 Which of the following attacks involves sending a large amount of spoofed User Datagram Protocol (UDP) traffic to a router’s broadcast address within a network?


  1. Land attack

  2. Fraggle attack

  3. Smurf attack

  4. Teardrop attack


Correct Answer: C


Reference: https://books.google.com.pk/books?id=rCx5OfSFUPkC&pg=RA7-PA8&lpg=RA7-PA8&dq=attacks+involves+sending+a+large+amount+of+spoofed+User+Datagram+Protocol+(UDP)+traffic+to+a+router%E2%80%99s+broadcast

+address+within+a+network&source=bl&ots=aKV7j5UIQx&sig=ACfU3U0EkAK3nHXfUCJco5xVhckbtrT68w&hl=en&sa=X&ved=2ahUKEwjMlPWLz7bpAhUBrxoKHQNyAVoQ6AEwAHoECBUQAQ#v=onepage&q=attacks%20involves% 20sending%20a%20large%20amount%20of%20spoofed%20User%20Datagram%20Protocol%20(UDP)%20traffic%20to%20a%20router%E2%80%99s%20broadcast%20address%20within%20a%20network&f=false


QUESTION 97

An automatic vulnerability scan has been performed. Which is the next step of the vulnerability assessment process?


  1. Hardening the infrastructure

  2. Documenting exceptions

  3. Assessing identified exposures

  4. Generating reports


Correct Answer: D


Reference: https://securityintelligence.com/a-step-by-step-guide-to-vulnerability-assessment/


QUESTION 98 An organization recently suffered a data breach involving a server that had Transmission Control Protocol (TCP) port 1433 inadvertently exposed to the Internet. Which of the following services was vulnerable?


  1. Internet Message Access Protocol (IMAP)

  2. Network Basic Input/Output System (NetBIOS)

  3. Database

  4. Network Time Protocol (NTP)


Correct Answer: C


Reference: https://www.princeton.edu/~rblee/ELE572Papers/Fall04Readings/DDoSSurveyPaper_20030516_Final.pd(f9)


QUESTION 99 Which of the following are common areas of vulnerabilities in a network switch? (Choose two.)

  1. Default port state

  2. Default credentials

  3. Default protocols

  4. Default encryption

  5. Default IP address


Correct Answer: AB


QUESTION 100 Which of the following is susceptible to a cache poisoning attack?


  1. Domain Name System (DNS)

  2. Secure Shell (SSH)

  3. Hypertext Transfer Protocol Secure (HTTPS)

  4. Hypertext Transfer Protocol (HTTP)


Correct Answer: A

Section: (none)


Reference: https://www.sciencedirect.com/topics/computer-science/cache-poisoning-attack