Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CertNexus CFR-410 Exam - Topic 3 Question 67 Discussion

An incident responder discovers that the CEO logged in from their New York City office and then logged in from a location in Beijing an hour later. The incident responder suspects that the CEO's account has beencompromised. Which of the following anomalies MOST likely contributed to the incident responder's suspicion?
C) Geovelocity
A) Geolocation
B) False positive
D) Advanced persistent threat (APT) activity

CertNexus CFR-410 Exam - Topic 3 Question 67 Discussion

Actual exam question for CertNexus's CFR-410 exam
Question #: 67
Topic #: 3
[All CFR-410 Questions]

An incident responder discovers that the CEO logged in from their New York City office and then logged in from a location in Beijing an hour later. The incident responder suspects that the CEO's account has been

compromised. Which of the following anomalies MOST likely contributed to the incident responder's suspicion?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Louvenia at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium CFR-410 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Delmy
1 month ago
False positive is a stretch. The timing is too suspicious.
upvoted 0 times
...
Winfred
1 month ago
I think it’s an APT. Could be a targeted attack on the CEO.
upvoted 0 times
...
Detra
1 month ago
Agreed, geovelocity makes sense too. Speed of travel is impossible.
upvoted 0 times
...
Vivan
2 months ago
Definitely geolocation. NYC to Beijing in an hour? Unlikely.
upvoted 0 times
...
Gerald
2 months ago
Wait, how is that even possible? Sounds sketchy!
upvoted 0 times
...
Dorathy
2 months ago
APT activity seems unlikely in this case.
upvoted 0 times
...
Micaela
2 months ago
Geovelocity makes sense too, but wow, an hour apart?
upvoted 0 times
...
Shayne
2 months ago
I think it could be a false positive, though.
upvoted 0 times
...
Huey
2 months ago
Definitely geolocation, that’s a huge red flag!
upvoted 0 times
...
Keneth
3 months ago
Haha, the CEO must be the Flash or something to log in from NYC to Beijing that fast. Gotta be C, geovelocity for the win!
upvoted 0 times
...
Willow
3 months ago
C) Geovelocity is the obvious choice. Unless the CEO has discovered time travel, that login activity is highly suspicious.
upvoted 0 times
...
Miriam
4 months ago
I'm going with C as well. The CEO must have a teleportation device or something to pull that off! Geovelocity is the way to go.
upvoted 0 times
...
Allene
4 months ago
Definitely C. The CEO logging in from two vastly different locations in such a short time frame is a huge red flag. Geovelocity is the clear culprit here.
upvoted 0 times
...
Brock
4 months ago
C) Geovelocity is the correct answer. The rapid change in location from New York City to Beijing within an hour is a clear indication of an anomaly.
upvoted 0 times
...
Jolanda
4 months ago
I feel like APT activity could be a factor, but the immediate concern here seems to be the geolocation anomaly.
upvoted 0 times
...
Pansy
4 months ago
This reminds me of a practice question where we discussed false positives. But in this case, the timing seems too tight for that to be the issue.
upvoted 0 times
...
Farrah
4 months ago
I’m not entirely sure, but I think geovelocity might be the right answer since it relates to the speed of travel between two locations.
upvoted 0 times
...
Cassi
5 months ago
I remember studying geolocation and how it can indicate suspicious activity, especially with such a drastic location change.
upvoted 0 times
...
Annamaria
5 months ago
I think the answer is C, geovelocity. The rapid location change is the biggest red flag that something is wrong with the CEO's account.
upvoted 0 times
...
Sarah
5 months ago
Hmm, I'm a bit confused. Is it possible the CEO was using a VPN or something? Could it be a false positive?
upvoted 0 times
...
Kattie
5 months ago
Definitely C, geovelocity. That's the most obvious anomaly that would raise suspicion of a compromised account.
upvoted 0 times
...
Glory
5 months ago
I'm not sure, the question seems a bit tricky. Could it be geolocation? The location change is the main clue here.
upvoted 0 times
...
Margery
5 months ago
Geovelocity, for sure. The CEO logging in from NYC and then Beijing an hour later is a clear sign of impossible travel.
upvoted 0 times
Arlean
27 days ago
Geovelocity is definitely the key here.
upvoted 0 times
...
...

Save Cancel