200-201 · Question #249
200-201 Question #249: Real Exam Question with Answer & Explanation
Sign in or unlock 200-201 to reveal the answer and full explanation for question #249. The question stem and answer options stay visible for context.
Question
A security engineer notices confidential data being exfiltrated to a domain 'Ransome4144- mware73-978' address that is attributed to a known advanced persistent threat group. The engineer discovers that the activity is part of a real attack and not a network misconfiguration. Which category does this event fall under as defined in the Cyber Kill Chain?
Options
- Areconnaissance
- Bdelivery
- Caction on objectives
- Dweaponization
Unlock 200-201 to see the answer
You've previewed enough free 200-201 questions. Unlock 200-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.