Free CFR-310 Exam Braindumps (page: 11)

Page 10 of 26

During which of the following attack phases might a request sent to port 1433 over a whole company network be seen within a log?

  1. Reconnaissance
  2. Scanning
  3. Gaining access
  4. Persistence

Answer(s): B


Reference:

https://blog.stealthbits.com/finding-microsoft-sql-server-targets-sql-attacks/



An attacker intercepts a hash and compares it to pre-computed hashes to crack a password. Which of the following methods has been used?

  1. Password sniffing
  2. Brute force attack
  3. Rainbow tables
  4. Dictionary attack

Answer(s): C


Reference:

https://books.google.com.pk/books?id=knlkHAsKNRwC&pg=PA174&lpg=PA174&dq=attacker+intercepts+a+hash+and+compares+it+to+pre-computed+hashes+to+crack+a+password&source=bl&ots=k8bSf5CPV7&sig=ACfU3U1ZagQatV8sP0-7-zS7RU_EsKoQAw&hl=en&sa=X&ved=2ahUKEwj_k6f-prbpAhUBBGMBHeQaCdwQ6AEwCXoECBMQAQ#v=onepage&q=attacker%20intercepts%20a%20hash% 20and%20compares%20it%20to%20pre-omputed%20hashes%20to%20crack%20a%20password&f=false



As part of an organization’s regular maintenance activities, a security engineer visits the Internet Storm Center advisory page to obtain the latest list of blacklisted host/network addresses. The security engineer does this to perform which of the following activities?

  1. Update the latest proxy access list
  2. Monitor the organization’s network for suspicious traffic
  3. Monitor the organization’s sensitive databases
  4. Update access control list (ACL) rules for network devices

Answer(s): D



Which of the following, when exposed together, constitutes PII? (Choose two.)

  1. Full name
  2. Birth date
  3. Account balance
  4. Marital status
  5. Employment status

Answer(s): A,C


Reference:

https://www.lifelock.com/learn-identity-theft-resources-what-is-personally-identifiable-information.html






Post your Comments and Discuss CertNexus CFR-310 exam with other Community members:

CFR-310 Discussions & Posts