Logical Operations CFR-210 Certified CyberSec First Responder CFR Exam Practice Test

A UNIX workstation has been compromised. The security analyst discovers high CPU usage during off-hours on the workstation. Which of the following UNIX programs can be used to detect the rogue process? (Choose two.)

Click the exhibit button. After reviewing captured network traffic logs, a security auditor suspects a violation of the organization's computer use policy. Which of the following is the likely indicator of the violation?

A logfile generated from a Windows server was moved to a Linux system for further analysis. A system administrator is now making edits to the file with vi and notices the file contains numerous instances of Ctrl-M (^M) characters. Which of the following command line tools is the administrator MOST likely to use to remove these characters from the logfile? (Choose two.)

Which of the following are reasons that a hacker would execute a DoS or a DDoS attack? (Choose two.)

Which of the following is the reason that out-of-band communication is used during a security incident?

When determining the threats/vulnerabilities to migrate, it is important to identify which are applicable. Which of the following is the FIRST step to determine applicability?

An attacker has exfiltrated the SAM file from a Windows workstation. Which of the following attacks is MOST likely being perpetrated?