Online Access Free CFR-410 Exam Questions

Organizations considered "covered entities" are required to adhere to which compliance requirement?

• A.Health Insurance Portability and Accountability Act of 1996 (HIPAA)
• B.International Organization for Standardization (ISO) 27001
• C.Payment Card Industry Data Security Standard (PCI DSS)
• D.Sarbanes-Oxley Act (SOX)

Which of the following types of attackers would be MOST likely to use multiple zero-day exploits executed against high-value, well-defended targets for the purposes of espionage and sabotage?

• A.State-sponsored hackers
• B.Hacktivists
• C.Cyberterrorist
• D.Cybercriminals

During which of the following attack phases might a request sent to port 1433 over a whole company network be seen within a log?

• A.Reconnaissance
• B.Scanning
• C.Persistence
• D.Gaining access

According to company policy, all accounts with administrator privileges should have suffix _ja. While reviewing Windows workstation configurations, a security administrator discovers an account without the suffix in the administrator's group. Which of the following actions should the security administrator take?

• A.Review the system log on the affected workstation.
• B.Review the system log on a domain controller.
• C.Review the security log on a domain controller.
• D.Review the security log on the affected workstation.

A web server is under a denial of service (DoS) attack. The administrator reviews logs and creates an access control list (ACL) to stop the attack. Which of the following technologies could perform these steps automatically in the future?

• A.Blacklisting
• B.Intrusion prevention system (IPS)
• C.Intrusion detection system (IDS)
• D.Whitelisting