200-201 Exam Question 16
A user received a targeted spear-phishing email and identified it as suspicious before opening the content. To which category of the Cyber Kill Chain model does to this type of event belong?
200-201 Exam Question 17
Drag and drop the elements from the left into the correct order for incident handling on the right.


200-201 Exam Question 18
What is the difference between tampered and untampered disk images?
200-201 Exam Question 19
Which two elements are used by the defense-in-depth strategy? (Choose two)
200-201 Exam Question 20
What is data encapsulation?


