CFR-410 Free Practice Test

Which of the following are legally compliant forensics applications that will detect an alternative data stream (ADS) or a file with an incorrect file extension? (Choose two.)

1. A. Disk duplicator
2. B. EnCase
3. C. dd
4. D. Forensic Toolkit (FTK)
5. E. Write blocker

Correct Answer: BD

After successfully enumerating the target, the hacker determines that the victim is using a firewall. Which of the following techniques would allow the hacker to bypass the intrusion prevention system (IPS)?

1. A. Stealth scanning
2. B. Xmas scanning
3. C. FINS scanning
4. D. Port scanning

Correct Answer: C

Which of the following is a cybersecurity solution for insider threats to strengthen information protection?

1. A. Web proxy
2. B. Data loss prevention (DLP)
3. C. Anti-malware
4. D. Intrusion detection system (IDS)

Correct Answer: B

During which of the following attack phases might a request sent to port 1433 over a whole company network be seen within a log?

1. A. Reconnaissance
2. B. Scanning
3. C. Gaining access
4. D. Persistence

Correct Answer: B

An incident at a government agency has occurred and the following actions were taken:
-Users have regained access to email accounts
-Temporary VPN services have been removed
-Host-based intrusion prevention system (HIPS) and antivirus (AV) signatures have been updated
-Temporary email servers have been decommissioned
Which of the following phases of the incident response process match the actions taken?

1. A. Containment
2. B. Post-incident
3. C. Recovery
4. D. Identification

Correct Answer: A