200-201 Question #314: Real Exam Question with Answer & Explanation

The correct answer is C: data encryption. The analyst faced challenges with data visibility due to data encryption, as encrypted traffic prevents direct inspection of payload content within the PCAP file.

Submitted by stefanr · Mar 6, 2026 · Network Intrusion Analysis

Question

Refer to exhibit. An analyst performs the analysis of the pcap file to detect the suspicious activity. What challenges did the analyst face in terms of data visibility?

Options

  • A. data encapsulation
  • B. code obfuscation
  • C. data encryption
  • D. IP fragmentation

Explanation

The analyst faced challenges with data visibility due to data encryption, as encrypted traffic prevents direct inspection of payload content within the PCAP file.

Common mistakes.

  • A. Data encapsulation is a normal networking process visible in a PCAP and does not inherently hide the data content.
  • B. Code obfuscation applies to code within an application or malware, not directly to the visibility of network data in a PCAP file.
  • D. IP fragmentation breaks IP packets into smaller pieces, which are reassembled by analysis tools, so it does not hide the data content.

Concept tested. Network traffic analysis challenges (encryption)

Reference. https://learn.microsoft.com/en-us/windows/win32/seccrypto/tls-and-ssl

Topics

#Packet analysis #Network visibility #Encryption challenges
