200-201 Question #372: Real Exam Question with Answer & Explanation

Sign in or unlock 200-201 to reveal the answer and full explanation for question #372. The question stem and answer options stay visible for context.

Submitted by yuki_2020· Mar 6, 2026Security Monitoring

Question

A security engineer must investigate a recent breach within the organization. An engineer noticed that a breached workstation is trying to connect to the domain "Ranso4676-mware41-603", which is known as malicious. In which step of the Cyber Kill Chain is this event?

Options

Aaction on objectives
Breconnaissance
Cdelivery
Dweaponization

Unlock 200-201 to see the answer

You've previewed enough free 200-201 questions. Unlock 200-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock 200-201 - $49.99 / 30 days Sign in

Topics

#Cyber Kill Chain#incident response#malware activity

Full 200-201 Practice Browse All 200-201 Questions