200-201 Exam Question 146
What does cyber attribution identify in an investigation?
200-201 Exam Question 147
A SOC analyst is investigating an incident that involves a Linux system that is identifying specific sessions.
Which identifier tracks an active program?
Which identifier tracks an active program?
200-201 Exam Question 148
Which type of access control depends on the job function of the user?
200-201 Exam Question 149
Which two components reduce the attack surface on an endpoint? (Choose two.)
200-201 Exam Question 150
Refer to the exhibit.

A workstation downloads a malicious docx file from the Internet and a copy is sent to FTDv. The FTDv sends the file hash to FMC and the tile event is recorded what would have occurred with stronger data visibility.

A workstation downloads a malicious docx file from the Internet and a copy is sent to FTDv. The FTDv sends the file hash to FMC and the tile event is recorded what would have occurred with stronger data visibility.
