Online Access Free CFR-310 Exam Questions

As part of an organization's regular maintenance activities, a security engineer visits the Internet Storm Center advisory page to obtain the latest list of blacklisted host/network addresses. The security engineer does this to perform which of the following activities?

• A.Monitor the organization's network for suspicious traffic
• B.Update access control list (ACL) rules for network devices
• C.Update the latest proxy access list
• D.Monitor the organization's sensitive databases

A system administrator identifies unusual network traffic from outside the local network. Which of the following is the BEST method for mitigating the threat?

• A.Malware scanning
• B.Port blocking
• C.Content filtering
• D.Packet capturing

Which of the following are well-known methods that are used to protect evidence during the forensics process? (Choose three.)

• A.Security envelope
• B.Evidence bags
• C.Faraday boxes
• D.Lock box
• E.Caution tape
• F.Secure rooms

A suspicious script was found on a sensitive research system. Subsequent analysis determined that proprietary data would have been deleted from both the local server and backup media immediately following a specific administrator's removal from an employee list that is refreshed each evening. Which of the following BEST describes this scenario?

• A.Backdoor
• B.Login bomb
• C.Time bomb
• D.Rootkit

Which of the following is the FIRST step taken to maintain the chain of custody in a forensic investigation?

• A.Security and evaluating the electronic crime scene.
• B.Transporting the evidence to the forensics lab
• C.Conducting preliminary interviews
• D.Packaging the electronic device