Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CertNexus CFR-410 Exam - Topic 3 Question 67 Discussion

Actual exam question for CertNexus's CFR-410 exam
Question #: 67
Topic #: 3
[All CFR-410 Questions]

An incident responder discovers that the CEO logged in from their New York City office and then logged in from a location in Beijing an hour later. The incident responder suspects that the CEO's account has been

compromised. Which of the following anomalies MOST likely contributed to the incident responder's suspicion?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Louvenia at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium CFR-410 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Vivan
3 days ago
Definitely geolocation. NYC to Beijing in an hour? Unlikely.
upvoted 0 times
...
Gerald
8 days ago
Wait, how is that even possible? Sounds sketchy!
upvoted 0 times
...
Dorathy
13 days ago
APT activity seems unlikely in this case.
upvoted 0 times
...
Micaela
19 days ago
Geovelocity makes sense too, but wow, an hour apart?
upvoted 0 times
...
Shayne
24 days ago
I think it could be a false positive, though.
upvoted 0 times
...
Huey
29 days ago
Definitely geolocation, that’s a huge red flag!
upvoted 0 times
...
Keneth
1 month ago
Haha, the CEO must be the Flash or something to log in from NYC to Beijing that fast. Gotta be C, geovelocity for the win!
upvoted 0 times
...
Willow
1 month ago
C) Geovelocity is the obvious choice. Unless the CEO has discovered time travel, that login activity is highly suspicious.
upvoted 0 times
...
Miriam
2 months ago
I'm going with C as well. The CEO must have a teleportation device or something to pull that off! Geovelocity is the way to go.
upvoted 0 times
...
Allene
2 months ago
Definitely C. The CEO logging in from two vastly different locations in such a short time frame is a huge red flag. Geovelocity is the clear culprit here.
upvoted 0 times
...
Brock
2 months ago
C) Geovelocity is the correct answer. The rapid change in location from New York City to Beijing within an hour is a clear indication of an anomaly.
upvoted 0 times
...
Jolanda
3 months ago
I feel like APT activity could be a factor, but the immediate concern here seems to be the geolocation anomaly.
upvoted 0 times
...
Pansy
3 months ago
This reminds me of a practice question where we discussed false positives. But in this case, the timing seems too tight for that to be the issue.
upvoted 0 times
...
Farrah
3 months ago
I’m not entirely sure, but I think geovelocity might be the right answer since it relates to the speed of travel between two locations.
upvoted 0 times
...
Cassi
3 months ago
I remember studying geolocation and how it can indicate suspicious activity, especially with such a drastic location change.
upvoted 0 times
...
Annamaria
3 months ago
I think the answer is C, geovelocity. The rapid location change is the biggest red flag that something is wrong with the CEO's account.
upvoted 0 times
...
Sarah
3 months ago
Hmm, I'm a bit confused. Is it possible the CEO was using a VPN or something? Could it be a false positive?
upvoted 0 times
...
Kattie
4 months ago
Definitely C, geovelocity. That's the most obvious anomaly that would raise suspicion of a compromised account.
upvoted 0 times
...
Glory
4 months ago
I'm not sure, the question seems a bit tricky. Could it be geolocation? The location change is the main clue here.
upvoted 0 times
...
Margery
4 months ago
Geovelocity, for sure. The CEO logging in from NYC and then Beijing an hour later is a clear sign of impossible travel.
upvoted 0 times
...

Save Cancel