Free CyberSec First Responder Exam CFR-310 Exam Practice Test

According to Payment Card Industry Data Security Standard (PCI DSS) compliance requirements, an organization must retain logs for what length of time?

• 3 months
  
• 6 months
  
• 1 year
  
• 5 years
  

An organization recently suffered a breach due to a human resources administrator emailing employee names and Social Security numbers to a distribution list. Which of the following tools would help mitigate this risk from recurring?

• Data loss prevention (DLP)
  
• Firewall
  
• Web proxy
  
• File integrity monitoring
  

A company that maintains a public city infrastructure was breached and information about future city projects was leaked. After the post-incident phase of the process has been completed, which of the following would bePRIMARY focus of the incident response team?

• Restore service and eliminate the business impact.
  
• Determine effective policy changes.
  
• Inform the company board about the incident.
  
• Contact the city police for official investigation.
  

Which of the following describes United States federal government cybersecurity policies and guidelines?

• NIST
  
• ANSI
  
• NERC
  
• GDPR
  

In which of the following attack phases would an attacker use Shodan?

• Scanning
  
• Reconnaissance
  
• Gaining access
  
• Persistence
  

It was recently discovered that many of an organization's servers were running unauthorized cryptocurrency mining software. Which of the following assets were being targeted in this attack? (Choose two.)

• Power resources
  
• Network resources
  
• Disk resources
  
• Computing resources
  
• Financial resources
  

Which of the following is a method of reconnaissance in which a ping is sent to a target with the expectation of receiving a response?

• Active scanning
  
• Passive scanning
  
• Network enumeration
  
• Application enumeration
  

A security analyst is required to collect detailed network traffic on a virtual machine. Which of the following tools could the analyst use?

• nbtstat
  
• WinDump
  
• fport
  
• netstat
  

A security administrator notices a process running on their local workstation called SvrsScEsdKexzCv.exe.The unknown process is MOST likely:

• Malware
  
• A port scanner
  
• A system process
  
• An application process
  

Which of the following does the command nmap --open 10.10.10.3 do?

• Execute a scan on a single host, returning only open ports.
  
• Execute a scan on a subnet, returning detailed information on open ports.
  
• Execute a scan on a subnet, returning all hosts with open ports.
  
• Execute a scan on a single host, returning open services.