200-201 Exam Question 146

What does cyber attribution identify in an investigation?
  • 200-201 Exam Question 147

    A SOC analyst is investigating an incident that involves a Linux system that is identifying specific sessions.
    Which identifier tracks an active program?
  • 200-201 Exam Question 148

    Which type of access control depends on the job function of the user?
  • 200-201 Exam Question 149

    Which two components reduce the attack surface on an endpoint? (Choose two.)
  • 200-201 Exam Question 150

    Refer to the exhibit.

    A workstation downloads a malicious docx file from the Internet and a copy is sent to FTDv. The FTDv sends the file hash to FMC and the tile event is recorded what would have occurred with stronger data visibility.