CertNexus CFR-410 - CyberSec First Responder Exam
Page: 2 / 16
Total 80 questions
Question #6 (Topic: Exam A)
Vulnerability scanners generally classify vulnerabilities by which of the following? (Choose two.)
A. Exploit range
B. Costs
C. Severity level
D. Zero days
E. Threat modeling
Answer: CD
Question #7 (Topic: Exam A)
Which standard was implemented in the United States to protect the privacy of patient medical information through restricted access to medical records and regulations for sharing medical records?
A. NIST
B. GLBA
C. SOX
D. HIPAA
Answer: D
Question #8 (Topic: Exam A)
Which answer option is a tactic of social engineering in which an attacker engages in an attack performed by phone?
A. Smishing
B. Pretexting
C. Vishing
D. Phishing
Answer: C
Question #9 (Topic: Exam A)
Which three answer options are password attack methods and techniques? (Choose three.)
A. Cross-Site Scripting attack
B. Brute force attack
C. Man-in-the-middle attack
D. Hybrid attack
E. Dictionary attack
Answer: BDE
Question #10 (Topic: Exam A)
What describes the BEST approach for developing a plan to continuously assess and track vulnerabilities on all organizational assets and infrastructure in order to remediate and minimize the opportunity for attacks?
A. Establish and maintain a risk-based remediation strategy.
B. Establish and maintain detailed enterprise asset inventory.
C. Establish and maintain a data classification scheme.
D. Establish and maintain a data management process.
Answer: A
