Exam 200-201 topic 1 question 120 discussion

Actual exam question from Cisco's 200-201
Question #: 120
Topic #: 1

An organization's security team has detected network spikes coming from the internal network. An investigation has concluded that the spike in traffic was from intensive network scanning. How should the analyst collect the traffic to isolate the suspicious host?

  • A. based on the most used applications
  • B. by most active source IP
  • C. by most used ports
  • D. based on the protocols used
Suggested Answer: B

Comments

SecurityGuy
9 months, 1 week ago
Selected Answer: B
From an admin point of view, you'll wanna know what the sources of the detected anomaly are. Normally, you'll search for the IP address or host.
upvoted 1 times
...
solodoc4l
1 year, 6 months ago
My daughter got that right just by knowing what an IP address is
upvoted 1 times
...
Eng_ahmedyoussef
1 year, 7 months ago
Selected Answer: B
By most active source IP
upvoted 1 times
...