200-201 Exam Question 176

A network engineer informed a security team of a large amount of traffic and suspicious activity from an unknown source to the company DMZ server The security team reviewed the data and identified a potential DDoS attempt According to NIST, at which phase of incident response is the security team?
  • 200-201 Exam Question 177


    Refer to the exhibit. Where is the executable file?
  • 200-201 Exam Question 178

    Refer to the exhibit.

    What is occurring?
  • 200-201 Exam Question 179

    A vulnerability analyst is performing the monthly scan data review Output data is very big and getting bigger each month The analyst decides to create a more efficient process to complete the task on time All false positives and true positives are excluded from the results The remaining findings will be assigned to a technical team for further remediation What is the result of such activity?
  • 200-201 Exam Question 180

    An organization's security team detected network spikes coming from the internal network. An investigation concluded that the spike in traffic was from intensive network scanning. How must the analyst collect the traffic to isolate the suspicious host?