Monday, 17 February 2020

Logical Operations CFR-210 Questions Answers

An incident responder is asked to create a disk image of a compromised Linux server. Which of the following commands should be used to do this?

A. dd
B. lsof
C. gzip
D. fdisk
E. mbr

Answer: A


An intruder gains physical access to a company’s headquarters. The intruder is able to access the company’s network via a visitor’s office. The intruder sets up an attack device, under the visitor’s office desk, that impersonates the corporate wireless network. Users at headquarters begin to notice slow browsing speeds from their company laptops. Which of the following attacks is MOST likely occurring?


A. Man-in-the-middle
B. Denial of service
C. Social engineering
D. ARP table poisoning

Answer: D

Tuesday, 1 October 2019

Logical Operations CFR-210 Question Answer

Which of the following can hackers use to gain access to a system over the network without knowing the actual password?

A. User enumeration
B. Pass the hash
C. Port scanning
D. Password cracking

Answer: B


A Windows system user reports seeing a command prompt window pop up briefly during each login. In which of the following locations would an incident responder check to explain this activity?


A. rc.d
B. HKLM “RunOnce” key
C. c:\temp
D. /etc/init.d/

Answer: C

Tuesday, 31 July 2018

Logical Operations CFR-210 Question Answer

Which of the following describes pivoting?

A. Copying captured data to a hacker's system
B. Performing IP packet inspection
C. Generating excessive network traffic
D. Accessing another system from a compromised system

Answer: D

Tuesday, 27 February 2018

Logical Operations CFR-210 Question Answer

Which of the following is the reason that out-of-band communication is used during a security incident?

A. The SMTP server may be compromised.
B. The incident response systems may be busy.
C. Other communication methods are unreliable.
D. An attacker could be monitoring network traffic.

Answer: C



Which of the following are legally compliant forensics applications that will detect ADS or a file with an incorrect file extension? (Choose two.)


A. Regedit
B. EnCase
C. dd
D. FTK
E. Procmon

Answer: A,C

Wednesday, 27 December 2017

Why A Mars-Orbiting Space Station Is A Logical Next Step

In this era of great dreams and great conversations, the idea of funding a crewed outpost in Mars orbit seems to be the next logical step. That is, before the boots hit the Martian surface.

Lockheed Martin Space recently revealed new details about its idea of a base camp that would eventually house a crew of six in Mars orbit. The proposal depends on NASA's Space Launch System (SLS) and the Orion spacecraft that Lockheed Martin is designing for NASA.


Lockheed Martin says that Orion is the world's only deep-space crew capsule, built with long-lasting life support, communications and deep-space navigation, and the ability to safely re-enter Earth's atmosphere. It also says NASA's SLS is designed to send critical laboratories, habitats and supplies to Mars. The main components of the system, says Lockheed Martin, would be launched separately, with some elements pre-positioned in Mars orbit ahead of time. And the aerospace company says that by using solar-powered electrolysis, the orbiting base camp could generate oxygen and hydrogen from water.

However, the SLS will probably not make its debut until 2020. Therefore, a 2028 target for operations at Mars is an ambitious time frame.

"With focus, we believe that the first manned orbital mission of Mars could be achieved as early as 2028, with landings on follow-up missions," said Tim Cichan, space exploration architect at Lockheed Martin Space. "The US Congress has ordered NASA to study a first mission to Mars in 2033."

Lockheed Martin foresees the use of cislunar space, that is, the space between the Earth and the Moon, as a means of assembling and launching at least parts of the camp. Other scenarios for manned Mars missions advocate a more direct approach to Mars.

The orbital base camp itself would be composed of massive solar arrays to generate energy for the station's operations; a crew habitat; laboratories; and radiators to keep both the camp housing and sensitive electronics cool.

There would also be reinforced liquid oxygen and liquid hydrogen tanks, for fuel to and from Mars and for radiation protection of the crew. And Cichan says that since a reusable Mars lander is not necessary for the survival of the crew, it would be sent to Mars uncrewed.

Funding for the base camp, says Cichan, would likely come from a combination of NASA, the European Space Agency (ESA), the Japanese Space Agency (JAXA) and other national space agencies. When asked about possible Mars partnerships with SpaceX or Blue Origin, Cichan said only that the company expects NASA to have many international and commercial partners on a mission of this magnitude.


What are the approximate estimates for a program of this type?

"We designed the architecture of the Base Field of Mars to fit the current human exploration budget of NASA," Cichan said. "SLS is the only launch vehicle in production today that can send Orion to deep space."

Lockheed Martin did not provide figures for such a budget. But an April 2017 report from NASA's own Office of the Inspector General notes that, since 2012, the SLS/Orion program has spent about $15 billion. And the office estimates that a manned Mars mission scenario budgeted through the 2030s would cost the space agency more than $200 billion. Such long-term budget projections seem unsustainable in the current fiscal environment of Congress. Therefore, a Mars program of the kind that NASA and Lockheed Martin Space envision will probably require a whole new set of unprecedented public/private partnerships.

It will also require learning new skills classified by the crew in real deep space environments.

From decades of experience with Mir, Skylab, space shuttles (both civilian and military) and the International Space Station (ISS), we are quite good at managing life support in planetary orbit. We do not have as much experience with any type of human surface configuration classified as human. But one of the key missions of the base camps would be to explore a permanent land base on Mars.

Over the course of a 12-month period, a reusable landing module operating from the orbit of Mars could visit the five possible landing sites that I noted here earlier. As a result, crews could gather data to make a better decision about where to place a semi-permanent base on Mars.

Sound crazy?

So be it. A decade ago, who would have predicted that miniature drones would be used to deliver packages to someone's entrance? It is time to take our sense of adventure out of our psyche and reclaim the spatial future that can be ours.

Thursday, 7 September 2017

Logical Operations CFR-210 Question Answer

A high-level government official uses anonymous bank accounts to transfer a requested amount of funds to individuals in another country. These individuals are known for defacing government websites and exfiltrating sensitive data. Which of the following BEST describes the involved threat actors?


A. State-sponsored hackers
B. Gray hat hackers
C. Hacktivists
D. Cyber terrorists

Answer: D



Which of the following technologies is used as mitigation to XSS attacks?

A. Intrusion prevention
B. Proxy filtering
C. Web application firewall
D. Intrusion detection

Answer: C

Wednesday, 21 June 2017

Logical Operations CFR-210 Question Answer

A suspicious laptop is found in a datacenter. The laptop is on and processing data, although there is no application open on the screen. Which of the following BEST describes a Windows tool and technique that an investigator should use to analyze the laptop's RAM for working applications?


A. Net start and Network analysis
B. Regedit and Registry analysis
C. Task manager and Application analysis
D. Volatility and Memory analysis

Answer: B


A DMZ web server has been compromised. During the log review, the incident responder wants to parse all common internal Class A addresses from the log. Which of the following commands should the responder use to accomplish this?


A. grep -x"(10.[0-9]+.[0-9]+.[0-9]+)" etc/rc.d/apache2/access.log I output.txt
B. grep -x"(192.168.[0.9]+[0-9])" bin/apache2/access.log I output.txt
C. grep -v"(10.[0-9]+.[0-9]+.[0-9]+)" /var/log/apache2/access.log > output.txt
D. grep -v"(192.168.[0.9]+[0-9]+)" /var/log/apache2/access.log > output.txt

Answer: C