200-201 · Question #157
200-201 Question #157: Real Exam Question with Answer & Explanation
The correct answer is D: It is a prevention activity to detect signs of intrusion, compromise, data theft, abnormalities, or. Threat hunting is a proactive cybersecurity activity where security professionals actively search through networks and systems to detect stealthy intrusions, compromises, and malicious activities that automated security tools might have missed.
Question
Which statement describes threat hunting?
Options
- A. It is an activity by an entity to deliberately bring down critical internal servers.
- B. It includes any activity that might go after competitors and adversaries to infiltrate their systems.
- C. It is a vulnerability assessment conducted by cyber professionals.
- D. It is a prevention activity to detect signs of intrusion, compromise, data theft, abnormalities, or
Explanation
Threat hunting is a proactive cybersecurity activity where security professionals actively search through networks and systems to detect stealthy intrusions, compromises, and malicious activities that automated security tools might have missed.
Common mistakes.
- A. This describes a malicious attack or sabotage, not threat hunting.
- B. This describes competitive intelligence or espionage, not internal threat hunting.
- C. Vulnerability assessment identifies weaknesses in systems; threat hunting looks for active threats that exploit, or are present because of, those or other weaknesses.
Concept tested. Threat hunting definition and purpose
Reference. https://www.nist.gov/itl/applied-cybersecurity/nice/resources/threat-hunting-playbook