Logical Operations Exam CFR-210 Topic 3 Question 35 Discussion

Actual exam question for Logical Operations's CFR-210 exam

Question #: 35
Topic #: 3

During an annual penetration test, several rootkit-enabled systems are found to be exfiltrating data. The penetration test team and the internal incident response team work to begin cleanup. The company's operations team offers a new emails server to use for communications during the incident. As cleanup continues, the attackers seem to know exactly what the incident response plan is. Which of the following will prevent the attackers from compromising cleanup activities?

ACheck the DNS server for rootkits placed by the attackers.

BDisconnect the Internet router until all systems can be checked and cleaned.

CUse out-of-band communication until the end of the incident.

DDisconnect the old emails server until they can be checked and cleaned.

Show Suggested Answer

Suggested Answer: D

by Gwenn at Oct 17, 2022, 12:53 AM

Limited Time Offer

25%

Off

Get Premium CFR-210 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Amalia

14 days ago

I'm not sure about that. Maybe we should also disconnect the old emails server until we can check and clean it.

upvoted 0 times

...

Aretha

18 days ago

I agree with Mohammad. Using out-of-band communication will help us keep our cleanup activities secure.

upvoted 0 times

...

Mohammad

26 days ago

I think we should use out-of-band communication to prevent the attackers from knowing our plans.

upvoted 0 times

...