Leads4pass > CertNexus > CertNexus Certifications > CFR-410 > CFR-410 Online Practice Questions and Answers

CFR-410 Online Practice Questions and Answers

Questions 4

A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also establishing a connection to IP 88.143.12.123. Which of the following commands should the administrator use to capture only the traffic between the two hosts?

A. # tcpdump -i eth0 host 88.143.12.123

B. # tcpdump -i eth0 dst 88.143.12.123

C. # tcpdump -i eth0 host 192.168.10.121

D. # tcpdump -i eth0 src 88.143.12.123

Buy Now
Questions 5

Which of the following is a cybersecurity solution for insider threats to strengthen information protection?

A. Web proxy

B. Data loss prevention (DLP)

C. Anti-malware

D. Intrusion detection system (IDS)

Buy Now
Questions 6

After a security breach, a security consultant is hired to perform a vulnerability assessment for a company's web application. Which of the following tools would the consultant use?

A. Nikto

B. Kismet

C. tcpdump

D. Hydra

Buy Now
Questions 7

An administrator believes that a system on VLAN 12 is Address Resolution Protocol (ARP) poisoning clients on the network. The administrator attaches a system to VLAN 12 and uses Wireshark to capture traffic. After reviewing the capture file, the administrator finds no evidence of ARP poisoning. Which of the following actions should the administrator take next?

A. Clear the ARP cache on their system.

B. Enable port mirroring on the switch.

C. Filter Wireshark to only show ARP traffic.

D. Configure the network adapter to promiscuous mode.

Buy Now
Questions 8

In which of the following attack phases would an attacker use Shodan?

A. Scanning

B. Reconnaissance

C. Gaining access

D. Persistence

Buy Now
Questions 9

A security professional discovers a new ransomware strain that disables antivirus on the endpoint during an infection. Which location would be the BEST place for the security professional to find technical information about this malware?

A. Threat intelligence feeds

B. Computer emergency response team (CERT) press releases

C. Vulnerability databases

D. Social network sites

Buy Now
Questions 10

Which of the following is a method of reconnaissance in which a ping is sent to a target with the expectation of receiving a response?

A. Active scanning

B. Passive scanning

C. Network enumeration

D. Application enumeration

Buy Now
Questions 11

A common formula used to calculate risk is: _____________ + Threats + Vulnerabilities = Risk. Which of the following represents the missing factor in this formula?

A. Exploits

B. Security

C. Asset

D. Probability

Buy Now
Questions 12

Which of the following methods are used by attackers to find new ransomware victims? (Choose two.)

A. Web crawling

B. Distributed denial of service (DDoS) attack

C. Password guessing

D. Phishing

E. Brute force attack

Buy Now
Questions 13

When attempting to determine which system or user is generating excessive web traffic, analysis of which of the following would provide the BEST results?

A. Browser logs

B. HTTP logs

C. System logs

D. Proxy logs

Buy Now
Exam Code: CFR-410
Exam Name: CyberSec First Responder (CFR)
Last Update: Jul 07, 2026
Questions: 180
10%OFF Coupon Code: SAVE10

PDF (Q&A)

$49.99

VCE

$55.99

PDF + VCE

$65.99