Cisco Exam 200-201 Topic 2 Question 98 Discussion

Actual exam question for Cisco's 200-201 exam
Question #: 98
Topic #: 2

Which statement describes indicators of attack?

Suggested Answer: A

Indicators of Attack (IoA) refer to observable behaviors or artifacts that suggest a security breach or ongoing attack.

When internal hosts communicate with countries outside the business range, it may indicate data exfiltration or command-and-control communication to an external threat actor.

Unlike Indicators of Compromise (IoC), which indicate that a system has already been compromised, IoAs are often used to identify malicious activity in its early stages.

Monitoring for unusual outbound connections is a crucial aspect of detecting advanced persistent threats (APTs) and other sophisticated attacks.
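The outbound-connection monitoring described above can be sketched as a small detection routine; this is an added example, not part of the original question or explanation. The prefix-to-country table, the list of business countries, the internal ranges and the flow records are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed data: documentation prefixes stand in for a real GeoIP database.
GEO_PREFIXES = {"192.0.2.0/24": "US", "198.51.100.0/24": "DE", "203.0.113.0/24": "AU"}
BUSINESS_COUNTRIES = {"US", "DE"}  # assumption: countries the business deals with
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed flow records: "src_ip dst_ip dst_port bytes_out"
SAMPLE_FLOWS = """\
10.0.4.17 192.0.2.10 443 5120
10.0.4.17 203.0.113.77 443 48211900
10.0.9.3 198.51.100.5 25 900
10.0.9.3 203.0.113.77 8443 1200
192.0.2.50 10.0.4.17 443 700
10.0.4.17 10.0.9.3 445 3000
10.0.7.8 100.64.1.1 53 80
"""

def is_internal(ip):
    """True when the address belongs to one of the internal ranges."""
    return any(ip in net for net in INTERNAL_NETS)

def country_of(ip):
    """Longest-prefix match against the constructed table; None if unmapped."""
    best = None
    for prefix, cc in GEO_PREFIXES.items():
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, cc)
    return best[1] if best else None

def find_out_of_range(flows_text):
    """Return {internal_host: {country: bytes_out}} for traffic leaving the business range."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in flows_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records
        src, dst = ipaddress.ip_address(parts[0]), ipaddress.ip_address(parts[1])
        if not is_internal(src) or is_internal(dst):
            continue  # only internal -> external flows matter here
        cc = country_of(dst) or "UNKNOWN"  # unmapped destinations are surfaced, not dropped
        if cc not in BUSINESS_COUNTRIES:
            hits[str(src)][cc] += int(parts[3])
    return {host: dict(per_cc) for host, per_cc in hits.items()}
```

Summing bytes per host and country lets an analyst separate a large transfer (possible exfiltration) from small periodic traffic to the same destination.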



Contribute your Thoughts:

Torie
6 months ago
Haha, you guys are all over the place! I'm just gonna go with D and call it a day. Malicious file detected? That's like a giant neon sign saying 'You've been hacked!'
upvoted 0 times
...
Vi
7 months ago
Aw man, this question is giving me a headache. I'm just going to go with the one that sounds the most tech-savvy. C it is! Missing patches, that's got to be the one.
upvoted 0 times
...
Elliot
7 months ago
Wait, wait, wait. You're all missing the obvious choice here. It's clearly C - missing critical patches. That's just asking for trouble! Step up that cybersecurity game, people.
upvoted 0 times
Anisha
6 months ago
C) Critical patches are missing.
upvoted 0 times
...
Flo
6 months ago
B) Phishing attempts on an organization are blocked by mail AV.
upvoted 0 times
...
Lemuel
6 months ago
A) Internal hosts communicate with countries outside of the business range.
upvoted 0 times
...
...
Michal
7 months ago
I don't know about you guys, but I'm going with option B. Phishing attempts getting blocked by the AV software? That's a good thing, right? Gotta protect that organization from those scammers!
upvoted 0 times
...
Anika
7 months ago
Ooh, this is a tough one. I'm torn between C and D, but I think I'll go with D. Detecting a malicious file is a pretty clear sign of an attack, don't you think?
upvoted 0 times
Deangelo
6 months ago
Yeah, but I believe detecting a malicious file is a more direct indicator.
upvoted 0 times
...
Dudley
6 months ago
I think missing critical patches could also be a sign of an attack.
upvoted 0 times
...
Tasia
6 months ago
I agree, detecting a malicious file is a strong indicator of an attack.
upvoted 0 times
...
...
Jina
7 months ago
But what about option C) Critical patches are missing? That could also be a sign of an attack, right?
upvoted 0 times
...
Toshia
7 months ago
Hmm, I'm not sure. I think option A might be the way to go - internal hosts communicating with countries outside the business range seems like a red flag to me.
upvoted 0 times
Ayesha
7 months ago
True, both options A and D could indicate a potential security breach. It's important to stay vigilant.
upvoted 0 times
...
Alton
7 months ago
But what about option D? A malicious file being detected by the AV software could also be a sign of an attack.
upvoted 0 times
...
Rashida
7 months ago
I agree, option A does seem like a potential indicator of attack.
upvoted 0 times
...
...
Oliva
7 months ago
I think option C is the best answer here. Missing critical patches can definitely be an indicator of potential attack.
upvoted 0 times
Millie
6 months ago
A malicious file being detected by the AV software is also a clear sign of an attack.
upvoted 0 times
...
Portia
6 months ago
True, that could indicate unauthorized access or data exfiltration.
upvoted 0 times
...
Abraham
7 months ago
But what about when internal hosts communicate with countries outside of the business range? That could also be a red flag.
upvoted 0 times
...
Ernie
7 months ago
I agree, missing critical patches can leave vulnerabilities for attackers to exploit.
upvoted 0 times
...
...
Tasia
8 months ago
I agree with King, because detecting a malicious file is a clear indicator of an attack.
upvoted 0 times
...
King
8 months ago
I think the answer is D) A malicious file is detected by the AV software.
upvoted 0 times
...
