New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CertNexus CFR-410 Exam - Topic 3 Question 67 Discussion

Actual exam question for CertNexus's CFR-410 exam
Question #: 67
Topic #: 3
[All CFR-410 Questions]

An incident responder discovers that the CEO logged in from their New York City office and then logged in from a location in Beijing an hour later. The incident responder suspects that the CEO's account has been

compromised. Which of the following anomalies MOST likely contributed to the incident responder's suspicion?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Louvenia at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium CFR-410 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Miriam
13 days ago
I'm going with C as well. The CEO must have a teleportation device or something to pull that off! Geovelocity is the way to go.
upvoted 0 times
...
Allene
19 days ago
Definitely C. The CEO logging in from two vastly different locations in such a short time frame is a huge red flag. Geovelocity is the clear culprit here.
upvoted 0 times
...
Brock
24 days ago
C) Geovelocity is the correct answer. The rapid change in location from New York City to Beijing within an hour is a clear indication of an anomaly.
upvoted 0 times
...
Jolanda
29 days ago
I feel like APT activity could be a factor, but the immediate concern here seems to be the geolocation anomaly.
upvoted 0 times
...
Pansy
1 month ago
This reminds me of a practice question where we discussed false positives. But in this case, the timing seems too tight for that to be the issue.
upvoted 0 times
...
Farrah
1 month ago
I’m not entirely sure, but I think geovelocity might be the right answer since it relates to the speed of travel between two locations.
upvoted 0 times
...
Cassi
1 month ago
I remember studying geolocation and how it can indicate suspicious activity, especially with such a drastic location change.
upvoted 0 times
...
Annamaria
2 months ago
I think the answer is C, geovelocity. The rapid location change is the biggest red flag that something is wrong with the CEO's account.
upvoted 0 times
...
Sarah
2 months ago
Hmm, I'm a bit confused. Is it possible the CEO was using a VPN or something? Could it be a false positive?
upvoted 0 times
...
Kattie
2 months ago
Definitely C, geovelocity. That's the most obvious anomaly that would raise suspicion of a compromised account.
upvoted 0 times
...
Glory
2 months ago
I'm not sure, the question seems a bit tricky. Could it be geolocation? The location change is the main clue here.
upvoted 0 times
...
Margery
2 months ago
Geovelocity, for sure. The CEO logging in from NYC and then Beijing an hour later is a clear sign of impossible travel.
upvoted 0 times
...

Save Cancel