200-201 Question #20: Real Exam Question with Answer & Explanation

Sign in or unlock 200-201 to reveal the answer and full explanation for question #20. The question stem and answer options stay visible for context.

Submitted by hans_de· Mar 6, 2026Network Intrusion Analysis

Question

Which two methods might be used by an analyst to detect SSL/TLS encrypted command-and- control communication? (Choose two.)

Options

Aperform decryption and inspection of SSL/TLS traffic
Bperform firewall HTTP application inspection to detect for the command and control traffic
Cperform IPS HTTP deep packets inspection to detect for the command and control traffic
Dperform analysis of the NetFlow data to detect anomalous TLS/SSL flows

Unlock 200-201 to see the answer

You've previewed enough free 200-201 questions. Unlock 200-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock 200-201 - $49.99 / 30 days Sign in

Topics

#TLS decryption#NetFlow analysis#C2 detection#network forensics

Full 200-201 Practice Browse All 200-201 Questions